PT-2024-4662 · Mozilla+10 · Thunderbird+12

Published

2024-06-06

Updated

2025-03-21

CVE-2024-5700

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 127 Firefox ESR versions prior to 115.12 Thunderbird versions prior to 115.12

Description: The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code. This is also described as a buffer overflow vulnerability in memory, allowing a remote attacker to execute arbitrary code or cause a denial of service.

Recommendations: For Firefox versions prior to 127, update to version 127 or later. For Firefox ESR versions prior to 115.12, update to version 115.12 or later. For Thunderbird versions prior to 115.12, update to version 115.12 or later.

Exploit

Fix

Buffer Overflow

Access of Memory Location After End of Buffer

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-786CWE-119CWE-788

Related Identifiers

ALSA-2024:3954

ALSA-2024:3955

ALSA-2024:4002

ALSA-2024:4036

ALT-PU-2024-13895

ALT-PU-2024-13897

ALT-PU-2024-13898

ALT-PU-2024-14780

ALT-PU-2024-14892

ALT-PU-2024-15087

ALT-PU-2024-15175

ALT-PU-2024-15839

ALT-PU-2024-15840

ALT-PU-2024-15841

BDU:2024-05170

CESA-2024_3954

CESA-2024_4036

CVE-2024-5700

DLA-3825-1

DLA-3836-1

DSA-5709-1

DSA-5711-1

INFSA-2024_3954

INFSA-2024_3955

INFSA-2024_4002

INFSA-2024_4036

MGASA-2024-0222

MGASA-2024-0231

OESA-2024-1786

OESA-2025-1322

OESA-2025-1323

OPENSUSE-SU-2024:14044-1

OPENSUSE-SU-2024:14049-1

OPENSUSE-SU-2024:14572-1

OPENSUSE-SU-2024_2061-1

RHSA-2024:3949

RHSA-2024:3950

RHSA-2024:3951

RHSA-2024:3952

RHSA-2024:3953

RHSA-2024:3954

RHSA-2024:3955

RHSA-2024:3958

RHSA-2024:3972

RHSA-2024:4001

RHSA-2024:4002

RHSA-2024:4003

RHSA-2024:4004

RHSA-2024:4015

RHSA-2024:4016

RHSA-2024:4018

RHSA-2024:4036

RHSA-2024:4063

RHSA-2024_3951

RHSA-2024_3954

RHSA-2024_3955

RHSA-2024_4002

RHSA-2024_4016

RHSA-2024_4036

RLSA-2024:3954

RLSA-2024:3955

RLSA-2024:4002

RLSA-2024:4036

SUSE-SU-2024:2012-1

SUSE-SU-2024:2061-1

SUSE-SU-2024:2073-1

SUSE-SU-2024:2371-1

SUSE-SU-2024:2399-1

USN-6840-1

USN-6862-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Firefox

Firefox Esr

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Thunderbird

Ubuntu

PT-2024-4662 · Mozilla+10 · Thunderbird+12

CVE-2024-5700

Weakness Enumeration

Related Identifiers

Affected Products

References · 2047