PT-2024-10430 · Mozilla+9 · Thunderbird+11

Andrew Mccreight

Published

2024-10-29

Updated

2026-02-02

CVE-2024-10467

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 132 Firefox ESR versions prior to 128.4 Thunderbird versions prior to 128.4 Thunderbird versions prior to 132

Description The issue is related to a buffer overflow, which can be exploited by a remote attacker to cause a denial of service. Memory safety bugs are present, showing evidence of memory corruption, and it is presumed that some of these could be exploited to run arbitrary code with enough effort.

Recommendations For Firefox versions prior to 132, update to version 132 or later. For Firefox ESR versions prior to 128.4, update to version 128.4 or later. For Thunderbird versions prior to 128.4, update to version 128.4 or later. For Thunderbird versions prior to 132, update to version 132 or later.

Fix

Out of bounds Read

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787CWE-120

Related Identifiers

ALSA-2024:8726

ALSA-2024:8729

ALSA-2024:8790

ALSA-2024:8793

ALSA-2024:9552

ALSA-2024:9554

ALT-PU-2024-15089

ALT-PU-2024-15091

ALT-PU-2024-15092

ALT-PU-2024-15839

ALT-PU-2024-15840

ALT-PU-2024-15841

BDU:2025-00962

CESA-2024_8729

CESA-2024_8790

CVE-2024-10467

DLA-3943-1

DLA-3944-1

DSA-5801-1

DSA-5803-1

INFSA-2024_8726

INFSA-2024_8729

INFSA-2024_8790

INFSA-2024_8793

INFSA-2024_9552

INFSA-2024_9554

MGASA-2024-0349

MGASA-2024-0350

OESA-2024-2342

OESA-2025-1265

OESA-2025-1268

OESA-2025-1835

OPENSUSE-SU-2024:14438-1

OPENSUSE-SU-2024:14461-1

OPENSUSE-SU-2024:14483-1

OPENSUSE-SU-2024:14572-1

OPENSUSE-SU-2024_3898-1

OPENSUSE-SU-2024_4050-1

RHSA-2024:8720

RHSA-2024:8721

RHSA-2024:8722

RHSA-2024:8723

RHSA-2024:8724

RHSA-2024:8725

RHSA-2024:8726

RHSA-2024:8727

RHSA-2024:8728

RHSA-2024:8729

RHSA-2024:8790

RHSA-2024:8793

RHSA-2024:9015

RHSA-2024:9016

RHSA-2024:9017

RHSA-2024:9018

RHSA-2024:9019

RHSA-2024:9552

RHSA-2024:9554

RHSA-2024_8726

RHSA-2024_8729

RHSA-2024_8790

RHSA-2024_8793

RHSA-2024_9552

RHSA-2024_9554

RLSA-2024:8726

RLSA-2024:8729

RLSA-2024:8790

RLSA-2024:8793

ROSA-SA-2025-2563

SUSE-SU-2024:3898-1

SUSE-SU-2024:3899-1

SUSE-SU-2024:4050-1

USN-7086-1

USN-7991-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Firefox

Firefox Esr

Linuxmint

Red Hat

Rocky Linux

Suse

Thunderbird

Ubuntu

PT-2024-10430 · Mozilla+9 · Thunderbird+11

CVE-2024-10467

Weakness Enumeration

Related Identifiers

Affected Products

References · 2351