CVE-2024-3864 Vulnerability Details

  /     /     /  

CVE-2024-3864 Metadata Quick Info

CVE Published: 16/04/2024 | CVE Updated: 12/08/2024 | CVE Year: 2024
Source: mozilla | Vendor: Mozilla | Product: Firefox
Status : PUBLISHED

---

CVE-2024-3864 Description

Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
Source: Mozilla

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).