CVE-2024-11693

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 26, 2024
Updated: Nov 27, 2024

Summary

CVE-2024-11693 is a vulnerability that affects Firefox versions below 133 and Firefox ESR below 128.5, as well as Thunderbird versions below 133 and 128.5 for Windows operating systems. This issue arises from the failure to display a warning message when downloading .library-ms files. This oversight could potentially expose users to security risks, as they may inadvertently download malicious files without proper notification. It is essential that users update their browsers to the latest versions to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Mozilla Thunderbird
  • Mozilla Firefox
  • Mozilla Firefox ESR

Affected Vendors

  • Mozilla