what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2024-2614

Status Candidate

Overview

Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Related Files

Ubuntu Security Notice USN-7036-1
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7036-1 - It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application.

tags | advisory, remote, denial of service, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2022-30122, CVE-2022-30123, CVE-2022-44572, CVE-2023-27530, CVE-2023-27539, CVE-2024-25126, CVE-2024-26141, CVE-2024-26146
SHA-256 | c4acd1ffc8ca871047fb8a39618d9c0b95465770474d22abee717b0b2de788ad
Ubuntu Security Notice USN-6837-2
Posted Aug 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6837-2 - It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Rack incorrectly handled certain Range headers. A remote attacker could possibly use this issue to cause Rack to create large responses, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-25126, CVE-2024-26141, CVE-2024-26146
SHA-256 | 6f0095d079b25cf7e1b9d943359101008834a83e12a5eab69c27d05be7fb575d
Ubuntu Security Notice USN-6837-1
Posted Jun 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6837-1 - It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.10. It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-27530, CVE-2024-25126, CVE-2024-26141, CVE-2024-26146
SHA-256 | 824bad973b7cab22cded200621d28510e0c10f056f271c31954b083a1f0a7fcf
Debian Security Advisory 5698-1
Posted May 27, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5698-1 - Multiple security issues were found in Rack, an interface for developing web applications in Ruby, which could result in denial of service.

tags | advisory, web, denial of service, ruby
systems | linux, debian
advisories | CVE-2024-25126, CVE-2024-26141, CVE-2024-26146
SHA-256 | c1c37e27a20d3e72e78531a52e86cb1e39cc92edc299972478df2308d6692f22
Ubuntu Security Notice USN-6717-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6717-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-5388, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | c7e276778f2c974b0aa76f968f7adfbc3e4984a93e8eaf31675ad13306e8e12a
Debian Security Advisory 5644-1
Posted Mar 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5644-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-5388, CVE-2024-0743, CVE-2024-1936, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | 52c9ec4f8c2d47616afc49e17f3a3b204457658b0cbdb5e77c7a81280f8c2fce
Debian Security Advisory 5643-1
Posted Mar 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5643-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2023-5388, CVE-2024-0743, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | a448517a42a8f898647c5aa7c7b1e0258fff75928a056aa5b3eb6c5fe41ab76b
Ubuntu Security Notice USN-6703-1
Posted Mar 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6703-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Hubert Kario discovered that Firefox had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-5388, CVE-2024-2606, CVE-2024-2607, CVE-2024-2608, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2613, CVE-2024-2614
SHA-256 | 8925f4bfe2e00238817e4e82aaa72fa22ab5cbc166f07e21afc8f8a239ee2279
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close