This content originally appeared on DEV Community and was authored by Freedom Coder
CVE ID
CVE-2024-9680
Vulnerability Name
Mozilla Firefox Use-After-Free Vulnerability
- Project: Mozilla
- Product: Firefox
Date
- Date Added: 2024-10-15
- Due Date: 2024-11-05
Description
Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-9680
Related Security News
- Details emerge on WinRAR zero-day attacks that infected PCs with malware
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products
- Mozilla warns Windows users of critical Firefox sandbox escape flaw
- Firefox and Windows zero-days exploited by Russian RomCom hackers
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
- SolarWinds Web Help Desk flaw is now exploited in attacks
More CVEs Info
Common Vulnerabilities & Exposures (CVE) List
This content originally appeared on DEV Community and was authored by Freedom Coder