Security Advisory

Mozilla Products July 2024 1st Security Update Advisory

  • Jul 10 2024

Overview

 

An update has been made available to address a vulnerability in the Mozilla family of products (Firefox ESR, Firefox versions). Users of affected products are advised to update to the latest version.

 

Affected Products

 

Firefox 128 previous version

Firefox ESR 115.13 previous version

 

Resolved Vulnerabilities

 

Moderate memory corruption vulnerability in the NSS functionality in Firefox ESR (CVE-2024-6602) [1]

A high-level Firefox Android missed activation delay to prevent tapjacking vulnerability in Firefox (CVE-2024-6605) [2]

Moderate vulnerability in Firefox that could prevent Esc from escaping the pointer lock (CVE-2024-6607) [2]

A moderate form validation popup in Firefox could prevent exiting full screen mode (CVE-2024-6610) [2] [2

Moderate memory corruption vulnerability in the NSS functionality in Firefox (CVE-2024-6609) [2]

High-level out-of-bounds read vulnerability in the clipboard component function in Firefox (CVE-2024-6606) [2]

A moderate vulnerability in the pointerlock function in Firefox could allow the cursor to move out of the viewport (CVE-2024-6608) [2]

High-level memory security verification error vulnerability in Firefox, Firefox ESR (CVE-2024-6604) [1], [2]

Moderate Race Condition Vulnerability in Firefox, Firefox ESR (CVE-2024-6601) [1], [2

Moderate Memory Corruption Vulnerability in the WebGL API Functionality in Firefox, Firefox ESR (CVE-2024-6600) [1], [2]

Firefox, Moderate Memory Corruption Vulnerability in the Thread Creation Function in Firefox ESR (CVE-2024-6603) [1], [2]

 

Vulnerability Patches

 

The following Vulnerability Patches were made available in the 07/09/2024 update. For more information on Vulnerability Patches, please refer to the “Mozilla” Referenced Sites documentation.

Firefox ESR 115.13 version

Firefox 128 version

 

Referenced Sites

 

[1] Security Vulnerabilities fixed in Firefox ESR 115.13

https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/

[2] Security Vulnerabilities fixed in Firefox 128

https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/

[3] Update Firefox to the latest release

https://support.mozilla.org/ko/kb/update-firefox-latest-release

Tags:

Previous Post

Next Post