CVE-2024-6606

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 9, 2024

Updated: Jul 16, 2024

Summary

CVE-2024-6606 is a vulnerability affecting Firefox versions below 128 and Thunderbird versions below 128. The issue lies in a clipboard component where an array index is not properly checked during access. This oversight can result in an out-of-bounds read, potentially leading to unintended code execution or memory corruption. The vulnerability could be exploited by an attacker who manages to trick the user into opening a maliciously crafted file or website.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mozilla Firefox

Affected Vendors

Mozilla

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/w6WbWD
https://www.cve.org/CVERecord?id=CVE-2024-6606
https://nvd.nist.gov/vuln/detail/CVE-2024-6606

Back to Vulnerability Database