Lucene search

Veracode Vulnerability DatabaseVERACODE:47063

HistoryMay 20, 2024 - 12:14 p.m.

Use-after-free

2024-05-2012:14:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

firefox

vulnerability

memory allocation

code execution

attackers

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

AI Score

6.8

Confidence

Low

JSON

Firefox is vulnerable to a use-after-free . The vulnerability is due to a missing memory allocation check, which could lead to a crash or potentially be leveraged by attackers to achieve code execution.

References

bugzilla.mozilla.org/show_bug.cgi?id=1893891

security-tracker.debian.org/tracker/CVE-2024-4771

www.mozilla.org/security/advisories/mfsa2024-21/

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

AI Score

6.8

Confidence

Low

JSON

Related for VERACODE:47063