CVE-2024-7527

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 6, 2024
Updated: Aug 12, 2024
CWE ID 416

Summary

CVE-2024-7527 is a use-after-free vulnerability affecting multiple versions of Firefox (< 129), Firefox ESR (< 115.14, < 128.1), and Thunderbird (< 128.1, < 115.14). The flaw arises when marking work is unexpectedly initiated at the start of sweeping, potentially leading to memory being accessed after it has been freed. This issue may result in arbitrary code execution or crashes, posing a significant security risk to users. Updating these applications to their latest patched versions mitigates the vulnerability.


Affected Products

  • Mozilla Thunderbird
  • Mozilla Firefox
  • Mozilla Firefox ESR

Affected Vendors

  • Mozilla