PT-2024-7810 · Mozilla+8 · Thunderbird+9

Published

2024-10-01

·

Updated

2026-02-02

·

CVE-2024-9403

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 131 Thunderbird versions prior to 131
Description The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code with enough effort. This is a result of a buffer overflow in memory, allowing a remote attacker to execute arbitrary code.
Recommendations For Firefox versions prior to 131, update to version 131 or later to resolve the issue. For Thunderbird versions prior to 131, update to version 131 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive features or modules in Firefox and Thunderbird until the update is applied.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

ALSA-2024:7552
ALSA-2024:7699
ALSA-2024:7700
ALT-PU-2024-13895
ALT-PU-2024-15839
ALT-PU-2025-11100
ALT-PU-2025-14599
ALT-PU-2025-5137
ALT-PU-2025-7695
BDU:2024-09310
CESA-2024_7699
CVE-2024-9403
INFSA-2024_7552
INFSA-2024_7699
OPENSUSE-SU-2024:14385-1
RHSA-2024:7552
RHSA-2024:7621
RHSA-2024:7622
RHSA-2024:7646
RHSA-2024:7699
RHSA-2024:7702
RHSA-2024:7703
RHSA-2024:7704
RHSA-2024:7842
RHSA-2024:7853
RHSA-2024:7854
RHSA-2024:7855
RHSA-2024:7856
RHSA-2024:8166
RHSA-2024:8169
RHSA-2024_7552
RHSA-2024_7699
RLSA-2024:7699
USN-7056-1
USN-7991-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Linuxmint
Red Hat
Rocky Linux
Thunderbird
Ubuntu