Date: Thu, 10 Oct 2024 17:54:13 +0200 From: Tomek CEDRO <tomek@cedro.info> To: freebsd-security <freebsd-security@freebsd.org>, gecko@freebsd.org, freebsd-ports <freebsd-ports@freebsd.org> Subject: CVE-2024-9680/9.8: Firefox. Message-ID: <CAFYkXj=OqDuB482PCqK47uwpiXhNefbx1ZbL76z2dQ=L0w4hdA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, and Firefox ESR < 115.16.1. https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ https://nvd.nist.gov/vuln/detail/CVE-2024-9680 -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFYkXj=OqDuB482PCqK47uwpiXhNefbx1ZbL76z2dQ=L0w4hdA>