Lucene search
Veracode Vulnerability DatabaseVERACODE:46349HistoryApr 10, 2024 - 9:52 p.m.
Arbitrary Code Execution
2024-04-1021:52:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
vulnerability
firefox
thunderbird
arbitrary code execution
windows error reporter
sandbox
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
6.7
Confidence
High
EPSS
0
Percentile
15.5%
Firefox, Firefox ESR, Thunderbird are vulnerable to an Arbitrary Code Execution vulnerability. The vulnerability is due to leveraging the Windows Error Reporter to run arbitrary code, escaping the sandbox.
Related
vulnrichment
vulnrichment
CVE-2024-2605
2024-03-19 12:02:51
alpinelinux
alpinelinux
CVE-2024-2605
2024-03-19 12:15:08
redhatcve
redhatcve
CVE-2024-2605
2024-03-21 11:00:58
osv
osv
CGA-rvjh-4fjc-h9x3
2024-06-06 12:26:23
MozillaThunderbird-115.9.0-1.1 on GA media
2024-06-15 00:00:00
MozillaFirefox-124.0.1-1.1 on GA media
2024-06-15 00:00:00
nvd
nvd
CVE-2024-2605
2024-03-19 12:15:08
cnvd
cnvd
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14974)
2024-03-21 00:00:00
ubuntucve
ubuntucve
CVE-2024-2605
2024-03-19 00:00:00
cgr
cgr
CVE-2024-2605 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2024-2605
2024-03-19 12:15:08
cvelist
cvelist
CVE-2024-2605
2024-03-19 12:02:51
cve
cve
CVE-2024-2605
2024-03-19 12:15:08
redos
redos
ROS-20240820-01
2024-08-20 00:00:00
openvas
openvas
Mozilla Firefox ESR Security Update (mfsa_2024-13) - Windows
2024-03-25 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-14) - Windows
2024-03-25 00:00:00
Slackware: Security Advisory (SSA:2024-079-02)
2024-03-20 00:00:00
nessus
nessus
Fedora 40 : thunderbird (2024-fc2ae12c31)
2024-04-29 00:00:00
Mozilla Thunderbird < 115.9
2024-03-19 00:00:00
Fedora 39 : thunderbird (2024-9f8235fb21)
2024-03-20 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Firefox ESR 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Firefox 124 — Mozilla
2024-03-19 00:00:00
kaspersky
kaspersky
KLA65225 Multiple vulnerabilities in Mozilla Firefox ESR
2024-03-19 00:00:00
KLA65226 Multiple vulnerabilities in Mozilla Thunderbird
2024-03-19 00:00:00
KLA65224 Multiple vulnerabilities in Mozilla Firefox
2024-03-19 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-03-20 00:27:50
[slackware-security] mozilla-thunderbird
2024-03-20 00:28:21
ibm
ibm
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
6.7
Confidence
High
EPSS
0
Percentile
15.5%
Related for VERACODE:46349