exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2024-1551

Status Candidate

Overview

Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Related Files

Gentoo Linux Security Advisory 202405-32
Posted May 13, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202405-32 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.10.0 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553, CVE-2024-1936, CVE-2024-2609, CVE-2024-3302, CVE-2024-3854, CVE-2024-3857, CVE-2024-3859
SHA-256 | 3283b7e266237a6df6b8dc58a8f3b51eb90071121c21462cfd91730f52a3efb9
Gentoo Linux Security Advisory 202405-15
Posted May 6, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202405-15 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to remote code execution. Versions greater than or equal to 115.8.0:esr are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553, CVE-2024-1554, CVE-2024-1555, CVE-2024-1556, CVE-2024-1557
SHA-256 | 126f3596099d2881a7490a64663b9d1583ba0463ce17ff35167d48f6edff1d12
Ubuntu Security Notice USN-6649-2
Posted Mar 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6649-2 - USN-6649-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. Johan Carlsson discovered that Firefox incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. Gary Kwong discovered that Firefox incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. Ronald Crane discovered that Firefox did not properly manage memory when accessing the built-in profiler. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, web, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-1546, CVE-2024-1548, CVE-2024-1551, CVE-2024-1552, CVE-2024-1555, CVE-2024-1556
SHA-256 | 57493f4eb5405080e87d75b58868c8d0c8ea4844948fc6ac9afc75823a5e7a6f
Ubuntu Security Notice USN-6669-1
Posted Mar 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6669-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-0741, CVE-2024-0746, CVE-2024-0747, CVE-2024-0749, CVE-2024-0755, CVE-2024-1546, CVE-2024-1547, CVE-2024-1549, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553
SHA-256 | 63ee0e6f83b4e9f77d873f79cf50c1f02a046461e6ad8e93392c9da32d118bfc
Debian Security Advisory 5630-1
Posted Feb 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5630-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553
SHA-256 | d28bce415e0153870f51c0a3a90c6dc32c960f44d25427214d3938b5389f18eb
Debian Security Advisory 5627-1
Posted Feb 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5627-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553
SHA-256 | fecc020dcddb2184341c57558aa3f486e8ee301dd59c165be89472e03edd082b
Ubuntu Security Notice USN-6649-1
Posted Feb 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6649-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-1546, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1554, CVE-2024-1555, CVE-2024-1556, CVE-2024-1557
SHA-256 | 915d1dd9c871ef5fa18727920f32a507f24302608c703c4e810bc2c237c6b315
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close