CVE-2024-11708
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-11708 is a cybersecurity vulnerability affecting Firefox versions below 133 and Thunderbird versions below 133. This issue arises due to the absence of adequate thread synchronization primitives, which could result in a data race on the members of the PlaybackParams structure. The consequences of this vulnerability could potentially lead to unintended behavior or crashes, providing attackers with an opportunity to exploit the system. Successful exploitation requires manipulating thread execution to gain unauthorized access to sensitive data or execute malicious code. It is essential for users to update their browsers to the latest versions to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Mozilla Thunderbird
- Mozilla Firefox
Affected Vendors
- Mozilla