Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
                
            Metrics
Affected Vendors & Products
Advisories
    | Source | ID | Title | 
|---|---|---|
|  Debian DLA | DLA-3720-1 | thunderbird security update | 
|  Debian DLA | DLA-3727-1 | firefox-esr security update | 
|  Debian DSA | DSA-5605-1 | thunderbird security update | 
|  Debian DSA | DSA-5606-1 | firefox-esr security update | 
|  EUVD | EUVD-2024-16544 | Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | 
|  Ubuntu USN | USN-6610-1 | Firefox vulnerabilities | 
|  Ubuntu USN | USN-6669-1 | Thunderbird vulnerabilities | 
Fixes
    Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
        History
                    Fri, 18 Oct 2024 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-94 | |
| Metrics | ssvc 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2025-05-22T17:36:55.681Z
Reserved: 2024-01-19T16:52:26.998Z
Link: CVE-2024-0755
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-08-01T18:18:18.313Z
 NVD
                        NVD
                    Status : Modified
Published: 2024-01-23T14:15:38.820
Modified: 2025-05-22T18:15:37.667
Link: CVE-2024-0755
 Redhat
                        Redhat
                     OpenCVE Enrichment
                        OpenCVE Enrichment
                    No data.