CVE-2024-2608

HIGH Year: 2024
CVSS v3 Score
8.4
High
Weakness Type
CWE-680
View all →

Vulnerability Description

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Related Vulnerabilities

CVE-2021-30354

HIGH
CVSS:8.6(High)

Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruptio...

CWE-6802021

CVE-2019-18568

HIGH
CVSS:8.1(High)

Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user.

CWE-6802019

CVE-2021-21832

HIGH
CVSS:8.1(High)

A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can lead to an out-of-bounds write. An attack...

CWE-6802021

CVE-2019-5087

HIGH
CVSS:8.8(High)

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row...

CWE-6802019

CVE-2020-10929

HIGH
CVSS:8.8(High)

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vuln...

CWE-6802020

CVE-2020-6099

HIGH
CVSS:8.8(High)

An exploitable code execution vulnerability exists in the file format parsing functionality of Graphisoft BIMx Desktop Viewer 2019.2.2328. A specially crafted file can cause a heap buffer overflow res...

CWE-6802020