CVE-2024-2608 Information

Mar 20, 2024 cve

Description

AppendEncodedAttributeValue() ExtraSpaceNeededForAttrEncoding() and AppendEncodedCharacters() could have experienced integer overflows causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124 Firefox ESR < 115.9 and Thunderbird < 115.9.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1880692 https://www.mozilla.org/security/advisories/mfsa2024-12/ https://www.mozilla.org/security/advisories/mfsa2024-13/ https://www.mozilla.org/security/advisories/mfsa2024-14/

Share on: