Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA65256
HistoryMar 22, 2024 - 12:00 a.m.

KLA65256 Multiple vulnerabilities in Mozilla Firefox

2024-03-2200:00:00
Kaspersky Lab
threats.kaspersky.com
19
mozilla firefox
vulnerabilities
malicious users
arbitrary code
denial of service
update
mfsa2024-15
ace
cve-2024-29944
cve-2024-29943

8.7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Remote code execution vulnerability can be exploited remotely to execute arbitrary code.
  2. Out of bounds vulnerability can be exploited to cause denial of service or execute arbitrary code.

Original advisories

MFSA2024-15

Exploitation

Public exploits exist for this vulnerability.

Related products

Mozilla-Firefox

CVE list

CVE-2024-29944 warning

CVE-2024-29943 warning

Solution

Update to the latest version

Download Firefox

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

  • Mozilla Firefox earlier than 124.0.1

Related

openvas 14
nessus 30
mozilla 2
malwarebytes 1
ubuntu 2
osv 7
veracode 2
nvd 2
cvelist 2
redhatcve 2
ubuntucve 2
slackware 1
debiancve 2
debian 2
cve 2
kaspersky 1
zdi 2
githubexploit 1
cgr 1
alpinelinux 1
redhat 9
oraclelinux 3
centos 1
almalinux 2
mageia 1
rocky 1
openvas
openvas
Mozilla Firefox Security Update (mfsa_2024-15) - Windows
2024-03-25 00:00:00
Mozilla Firefox Security Update (mfsa_2024-15) - Mac OS X
2024-03-25 00:00:00
Mozilla Firefox Security Advisory (MFSA2024-15) - Linux
2024-03-22 00:00:00
nessus
nessus
Mozilla Firefox < 124.0.1
2024-03-22 00:00:00
Mozilla Firefox < 124.0.1
2024-03-22 00:00:00
Fedora 39 : firefox (2024-c8549a8c75)
2024-03-24 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 124.0.1 — Mozilla
2024-03-22 00:00:00
Security Vulnerabilities fixed in Firefox ESR 115.9.1 — Mozilla
2024-03-22 00:00:00
malwarebytes
malwarebytes
Patch now: Mozilla patches two critical vulnerabilities in Firefox
2024-03-26 14:09:18
ubuntu
ubuntu
Firefox regressions
2024-04-04 00:00:00
Firefox vulnerabilities
2024-03-25 00:00:00
osv
osv
firefox regressions
2024-04-04 01:36:16
firefox vulnerabilities
2024-03-25 01:38:21
firefox-esr - security update
2024-03-23 00:00:00
veracode
veracode
Out-of-bounds Read
2024-03-24 12:09:29
Privilege Escalation
2024-03-24 12:13:55
nvd
nvd
CVE-2024-29943
2024-03-22 13:15:07
CVE-2024-29944
2024-03-22 13:15:07
cvelist
cvelist
CVE-2024-29943
2024-03-22 12:55:39
CVE-2024-29944
2024-03-22 12:55:40
redhatcve
redhatcve
CVE-2024-29943
2024-03-22 18:51:00
CVE-2024-29944
2024-03-22 14:13:32
ubuntucve
ubuntucve
CVE-2024-29944
2024-03-22 00:00:00
CVE-2024-29943
2024-03-22 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-03-23 19:41:05
debiancve
debiancve
CVE-2024-29944
2024-03-22 13:15:07
CVE-2024-29943
2024-03-22 13:15:07
debian
debian
[SECURITY] [DSA 5645-1] firefox-esr security update
2024-03-23 20:10:40
[SECURITY] [DLA 3775-1] firefox-esr security update
2024-03-25 15:40:17
cve
cve
CVE-2024-29944
2024-03-22 13:15:07
CVE-2024-29943
2024-03-22 13:15:07
kaspersky
kaspersky
KLA65257 ACE vulnerability in Mozilla Firefox ESR
2024-03-22 00:00:00
zdi
zdi
(Pwn2Own) Mozilla Firefox SpiderMonkey JIT Compiler Out-Of-Bounds Write Remote Code Execution Vulnerability
2024-06-12 00:00:00
(Pwn2Own) Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability
2024-06-12 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-29943
2024-06-27 13:47:52
cgr
cgr
CVE-2024-29944 vulnerabilities
2024-05-19 03:07:16
alpinelinux
alpinelinux
CVE-2024-29944
2024-03-22 13:15:07
redhat
redhat
(RHSA-2024:1485) Critical: firefox security update
2024-03-25 18:20:43
(RHSA-2024:1488) Critical: firefox security update
2024-03-25 18:21:05
(RHSA-2024:1486) Critical: firefox security update
2024-03-25 18:20:50
oraclelinux
oraclelinux
firefox security update
2024-03-26 00:00:00
firefox security update
2024-03-26 00:00:00
firefox security update
2024-03-26 00:00:00
centos
centos
firefox security update
2024-04-03 14:00:43
almalinux
almalinux
Critical: firefox security update
2024-03-25 00:00:00
Critical: firefox security update
2024-03-25 00:00:00
mageia
mageia
Updated nss firefox, nss packages fix security vulnerabilities
2024-03-27 22:24:13
rocky
rocky
firefox security update
2024-03-27 04:34:32

8.7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON
Related for KLA65256
openvas14nessus30mozilla2malwarebytes1ubuntu2osv7veracode2nvd2cvelist2redhatcve2ubuntucve2slackware1debiancve2debian2cve2kaspersky1zdi2githubexploit1cgr1alpinelinux1redhat9oraclelinux3centos1almalinux2mageia1rocky1