Description

On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

INFO

Published Date :

2024-04-16T15:14:07.543Z

Last Modified :

2024-08-01T20:26:56.940Z

Source :

mozilla
AFFECTED PRODUCTS

The following products are affected by CVE-2024-3859 vulnerability.

Vendors Products
Debian
  • Debian Linux
Mozilla
  • Firefox
  • Thunderbird
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact