1. Home
  2. Vulnerabilities
  3. CVE-2024-3859

CVE-2024-3859

CVSS v3.1 5.9 (Medium)
59% Progress
EPSS 0.04 % (11th)
0.04% Progress
Advisories 31
NVD Status Awaiting Analysis
Info CVSS EPSS CAPEC References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

Weaknesses
CWE-125
Out-of-bounds Read
CWE-190
Integer Overflow or Wraparound
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
Mozilla Corporation
Published Date
2024-04-16 16:15:08
(5 months ago)
Updated Date
2024-07-03 02:06:47
(2 months ago)