CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
34.9%
firefox is vulnerable to Remote Code Execution (RCE). An attacker could exploit this vulnerability by tricking a user into visiting a malicious website or opening a malicious file. The website or file would contain a specially crafted exploit that would cause Firefox to crash, triggering the memory corruption bug. The attacker could then use the memory corruption bug to execute arbitrary code on the user’s system.