CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
25.8%
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-4767,
CVE-2024-4768, CVE-2024-4769, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773,
CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778)
Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory
when audio input connected with multiple consumers. An attacker could
potentially exploit this issue to cause a denial of service, or execute
arbitrary code. (CVE-2024-4764)
Thomas Rinsma discovered that Firefox did not properly handle type check
when handling fonts in PDF.js. An attacker could potentially exploit this
issue to execute arbitrary javascript code in PDF.js. (CVE-2024-4367)
Irvan Kurniawan discovered that Firefox did not properly handle certain
font styles when saving a page to PDF. An attacker could potentially
exploit this issue to cause a denial of service. (CVE-2024-4770)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 20.04 | noarch | firefox | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-dbg | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-dev | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-geckodriver | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-locale-af | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-locale-an | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-locale-ar | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-locale-as | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-locale-ast | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | firefox-locale-az | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
ubuntu.com/security/CVE-2024-4367
ubuntu.com/security/CVE-2024-4764
ubuntu.com/security/CVE-2024-4767
ubuntu.com/security/CVE-2024-4768
ubuntu.com/security/CVE-2024-4769
ubuntu.com/security/CVE-2024-4770
ubuntu.com/security/CVE-2024-4771
ubuntu.com/security/CVE-2024-4772
ubuntu.com/security/CVE-2024-4773
ubuntu.com/security/CVE-2024-4774
ubuntu.com/security/CVE-2024-4775
ubuntu.com/security/CVE-2024-4776
ubuntu.com/security/CVE-2024-4777
ubuntu.com/security/CVE-2024-4778