Showing 1 - 22 of 22

CVE-2024-4367

Status Candidate

Overview

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

Related Files

Red Hat Security Advisory 2024-3784-03: Posted Jun 11, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3784-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.10. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 5fb3db6c947c2cfe0a5662dbd910df7ada7d331d3372a1c478d88507de1840b8; Download | Favorite | View

Red Hat Security Advisory 2024-3783-03: Posted Jun 11, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3783-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.10. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 6df7b417c1d4cd2c965f9388462d93259f0500b3e20694b142c718dc9155f3db; Download | Favorite | View

Ubuntu Security Notice USN-6779-2: Posted May 29, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6779-2 - USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js. Irvan Kurniawan discovered that Firefox did not properly handle certain font styles when saving a page to PDF. An attacker could potentially exploit this issue to cause a denial of service.; tags | advisory, denial of service, arbitrary, javascript, vulnerability; systems | linux, ubuntu; advisories | CVE-2024-4367, CVE-2024-4764, CVE-2024-4768, CVE-2024-4770, CVE-2024-4774; SHA-256 | 04753870be2f86ad507c1b333e07383bc770d2d1eff3370507f9073d2cd6e5b7; Download | Favorite | View

Red Hat Security Advisory 2024-3338-03: Posted May 24, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3338-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 3f228a2c59de76a7dc3e113a7aceb22495cf8344188999beb4e231f054e25539; Download | Favorite | View

Ubuntu Security Notice USN-6782-1: Posted May 22, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6782-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Thomas Rinsma discovered that Thunderbird did not properly handle type check when handling fonts in PDF.js. An attacker could potentially exploit this issue to execute arbitrary javascript code in PDF.js.; tags | advisory, denial of service, arbitrary, javascript; systems | linux, ubuntu; advisories | CVE-2024-4367, CVE-2024-4769, CVE-2024-4770, CVE-2024-4777; SHA-256 | 0f0a71c347b975f78289e67052bdd319bc9db3306585631d3361530ff7c998bf; Download | Favorite | View

Ubuntu Security Notice USN-6779-1: Posted May 21, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6779-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory when audio input connected with multiple consumers. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2024-4367, CVE-2024-4764, CVE-2024-4768, CVE-2024-4769, CVE-2024-4770, CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4777; SHA-256 | 4d7400f325f71baca26df6b20cae1eea1678bfef4723ae53fb8cbfd57b547707; Download | Favorite | View

Red Hat Security Advisory 2024-2913-03: Posted May 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2913-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | b286911f8f2ccbdba2147ca7ed92a1181b46767b3fe9467062f47d2e0322c000; Download | Favorite | View

Red Hat Security Advisory 2024-2912-03: Posted May 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2912-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 72ffe5c9b63b9a2467e3123709efa06c7a9c241e59d2b3b1b58bbfe44e1f2997; Download | Favorite | View

Red Hat Security Advisory 2024-2911-03: Posted May 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2911-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 50b888e78ccd9b3a99ff22067922faf010ab713758a26824e49eb24f88b9cc5d; Download | Favorite | View

Red Hat Security Advisory 2024-2906-03: Posted May 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2906-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 7b94c73554df84d8183307e43c7b6b216c1b1a982a43a02db601c696e84623dd; Download | Favorite | View

Red Hat Security Advisory 2024-2905-03: Posted May 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2905-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | e4786df888e9c851b351a1b17f07f2a5b340a3c4c49d3018b3e15e1b10197f92; Download | Favorite | View

Red Hat Security Advisory 2024-2904-03: Posted May 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2904-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | ae4dc0794869675d8b1122f86a47350604a78f1ab23379450bf90c3d08e211cd; Download | Favorite | View

Red Hat Security Advisory 2024-2903-03: Posted May 20, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2903-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 247c8a726441d357e636b329d21fa0ad8ccd38680db4388ebf58346190841ac6; Download | Favorite | View

Red Hat Security Advisory 2024-2888-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2888-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 21db38bf086075725ff3e5526ac8e20b3ad40751720bfaf69829caad37831761; Download | Favorite | View

Red Hat Security Advisory 2024-2887-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2887-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | ede70f97ff2d5c1a0603673831eb2273af7d30881ae7d992f0811addc426b9ef; Download | Favorite | View

Red Hat Security Advisory 2024-2886-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2886-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 9c2ae4da0cc2fd3fd124ea07d6265a91a321538cd9cbf85cbf4a7f860ee0e9d5; Download | Favorite | View

Red Hat Security Advisory 2024-2885-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2885-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | d3608a93edde5c8d737d8a09c4bdda2cc8d3e242c84f6227483fec6e8300f23f; Download | Favorite | View

Red Hat Security Advisory 2024-2884-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2884-03 - An update for Firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | d979bee709d33fbb920cd344a75b7acab229d6bf77189796b7921d27f876d317; Download | Favorite | View

Red Hat Security Advisory 2024-2883-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2883-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | b33c57532a0ad950501c59048ee3b4c319820005dae536a75e088ad0d43e7c9a; Download | Favorite | View

Red Hat Security Advisory 2024-2882-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2882-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | 546138da6ec278f306d546b45c068784d74f9b966450e259e6cccda79db1d2f4; Download | Favorite | View

Red Hat Security Advisory 2024-2881-03: Posted May 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2881-03 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and use-after-free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2024-4367; SHA-256 | c8fc30ed17b5037c9e9011f111b30dc67dd838f516e1dfb7e42aaf1e960f21e6; Download | Favorite | View

Debian Security Advisory 5691-1: Posted May 16, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5691-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or clickjacking.; tags | advisory, web, arbitrary; systems | linux, debian; advisories | CVE-2024-4367, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, CVE-2024-4770, CVE-2024-4777; SHA-256 | 1e42e075ffdd6f372b1ecc77b3c2d50b843d84eee3c7205c4a598520c46d85ab; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 86 files
Gentoo 31 files
Debian 17 files
tmrswrr 8 files
Sina Kheirkhah 7 files
indoushka 5 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
bRpsd 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,456)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,351)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,673)
UNIX (9,429)
UnixWare (187)
Windows (6,667)
Other

CVE-2024-4367

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems