Firefox Patches Multiple High Severity Vulnerabilities
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Mozilla has released Firefox 129, addressing multiple high-severity vulnerabilities. These patches are critical for enhancing the browser’s security and protecting users from potential exploits.
Detailed Vulnerability Table
The latest Firefox update patches several critical vulnerabilities, each significantly impacting user security. Below is a summary of the most notable issues:
CVE ID Impact Description References CVE-2024-7518HighOut-of-bounds memory access in graphics shared memory handling.Bug 1875354CVE-2024-7519HighOut of bounds memory access in graphics shared memory handling.Bug 1902307CVE-2024-7520The fullscreen notification dialog can be obscured by document content.Type confusion in WebAssembly.Bug 1903041CVE-2024-7521HighIncomplete WebAssembly exception handling.Bug 1904644CVE-2024-7522HighOut of bounds read in editor component.Bug 1906727CVE-2024-7523HighDocument content could partially obscure security prompts (affects Android versions).Bug 1908344CVE-2024-7524HighCSP strict-dynamic bypass using web-compatibility shims.Bug 1909241CVE-2024-7525HighMissing permission check when creating a StreamFilter.Bug 1909298CVE-2024-7526HighUninitialized memory used by WebGL.Bug 1910306CVE-2024-7527HighUse-after-free in JavaScript garbage collection.Bug 1871303CVE-2024-7528HighUse-after-free in IndexedDB.Bug 1895951CVE-2024-7529ModerateDocument content could partially obscure security prompts.Bug 1903187CVE-2024-7530ModerateUse-after-free in JavaScript code coverage collection.Bug 1904011CVE-2024-7531LowPK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines.Bug 1910306
The vulnerabilities addressed in this update pose significant risks, including potential spoofing attacks, memory corruption, sandbox escapes, and unauthorized data access.
For instance, CVE-2024-7518 could allow a malicious site to obscure fullscreen notification dialogs, potentially tricking users into performing unintended actions.
Similarly, CVE-2024-7519 involves out-of-bounds memory access, which could lead to memory corruption and sandbox escapes. Given the high impact of these vulnerabilities, users are strongly advised to update their Firefox browsers to version 129 immediately.
This update enhances security and ensures a safer browsing experience by mitigating the risks associated with these vulnerabilities.
Mozilla’s proactive approach to addressing these issues underscores the importance of regular software updates and vigilance in cybersecurity practices. Users should remain informed about such updates and apply them promptly to protect their data and privacy.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Firefox Patches Multiple High Severity Vulnerabilities
Author: DhivyaMozilla has released Firefox 129, addressing multiple high-severity vulnerabilities. These patches are critical for enhancing the browser’s security and protecting users from potential exploits.
Detailed Vulnerability Table
The latest Firefox update patches several critical vulnerabilities, each significantly impacting user security. Below is a summary of the most notable issues:
CVE ID Impact Description References CVE-2024-7518HighOut-of-bounds memory access in graphics shared memory handling.Bug 1875354CVE-2024-7519HighOut of bounds memory access in graphics shared memory handling.Bug 1902307CVE-2024-7520The fullscreen notification dialog can be obscured by document content.Type confusion in WebAssembly.Bug 1903041CVE-2024-7521HighIncomplete WebAssembly exception handling.Bug 1904644CVE-2024-7522HighOut of bounds read in editor component.Bug 1906727CVE-2024-7523HighDocument content could partially obscure security prompts (affects Android versions).Bug 1908344CVE-2024-7524HighCSP strict-dynamic bypass using web-compatibility shims.Bug 1909241CVE-2024-7525HighMissing permission check when creating a StreamFilter.Bug 1909298CVE-2024-7526HighUninitialized memory used by WebGL.Bug 1910306CVE-2024-7527HighUse-after-free in JavaScript garbage collection.Bug 1871303CVE-2024-7528HighUse-after-free in IndexedDB.Bug 1895951CVE-2024-7529ModerateDocument content could partially obscure security prompts.Bug 1903187CVE-2024-7530ModerateUse-after-free in JavaScript code coverage collection.Bug 1904011CVE-2024-7531LowPK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines.Bug 1910306
The vulnerabilities addressed in this update pose significant risks, including potential spoofing attacks, memory corruption, sandbox escapes, and unauthorized data access.
For instance, CVE-2024-7518 could allow a malicious site to obscure fullscreen notification dialogs, potentially tricking users into performing unintended actions.
Similarly, CVE-2024-7519 involves out-of-bounds memory access, which could lead to memory corruption and sandbox escapes. Given the high impact of these vulnerabilities, users are strongly advised to update their Firefox browsers to version 129 immediately.
This update enhances security and ensures a safer browsing experience by mitigating the risks associated with these vulnerabilities.
Mozilla’s proactive approach to addressing these issues underscores the importance of regular software updates and vigilance in cybersecurity practices. Users should remain informed about such updates and apply them promptly to protect their data and privacy.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
