`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Metrics
Affected Vendors & Products
References
History
Thu, 13 Mar 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Thu, 13 Feb 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mozilla
Mozilla firefox Mozilla firefox Esr Mozilla thunderbird |
|
CPEs | cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:* cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Mozilla
Mozilla firefox Mozilla firefox Esr Mozilla thunderbird |
|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2025-03-13T14:40:17.491Z
Reserved: 2024-03-18T16:22:22.788Z
Link: CVE-2024-2608

Updated: 2024-08-01T19:18:48.282Z

Status : Awaiting Analysis
Published: 2024-03-19T12:15:08.843
Modified: 2025-03-13T15:15:43.520
Link: CVE-2024-2608
