CVE-2024-2608

Mozilla: Integer overflow could have led to out of bounds write

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` y `AppendEncodedCharacters()` podrían haber experimentado desbordamientos de enteros, lo que provocó una asignación insuficiente de un búfer de salida, lo que provocó una escritura fuera de los límites. Esta vulnerabilidad afecta a Firefox < 124, Firefox ESR < 115.9 y Thunderbird < 115.9.

The Mozilla Foundation Security Advisory describes this flaw as:

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write.

*Credits: Ronald Crane

CVSS Scores

Red Hatv3.1 7.5

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2024-03-18 CVE Reserved
2024-03-19 CVE Published
2024-03-26 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-680: Integer Overflow to Buffer Overflow

CAPEC

References (8)

URL	Tag	Source
https://bugzilla.mozilla.org/show_bug.cgi?id=1880692
https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
https://www.mozilla.org/security/advisories/mfsa2024-12
https://www.mozilla.org/security/advisories/mfsa2024-13
https://www.mozilla.org/security/advisories/mfsa2024-14

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2024-2608	2024-03-25
https://bugzilla.redhat.com/show_bug.cgi?id=2270661	2024-03-25

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
-		-				-		-		-