CVE-2024-0751: High severity thunderbird vulnerability
Published Jan 23, 2024
·Updated
A malicious devtools extension could have been used to escalate privileges.
Affected Software
12 affected componentsFixes available
redhat/firefox<115.7
115.7
redhat/thunderbird<115.7
115.7
Mozilla Thunderbird<115.7
115.7
Mozilla Firefox<122
122
Mozilla Firefox ESR<115.7
115.7
Mozilla Firefox<122.0
Mozilla Firefox ESR<115.7
Mozilla Thunderbird<115.7
Debian Debian Linux=10.0
debian/firefox
137.0.1-1
debian/firefox-esr
115.14.0esr-1~deb11u1128.9.0esr-1~deb11u1128.8.0esr-1~deb12u1128.9.0esr-1~deb12u1128.9.0esr-2
debian/thunderbird
1:115.12.0-1~deb11u11:128.9.0esr-1~deb11u11:128.8.0esr-1~deb12u11:128.9.0esr-1~deb12u11:128.9.0esr-1
Event History
Jan 23, 2024
CVE Published
via Mozilla·12:00 AM
CVE Published
via MITRE·01:48 PM
Data Sourced
via MITRE·01:48 PM
DescriptionWeakness
Data Sourced
via NVD·02:15 PM
DescriptionSeverityWeaknessAffected Software
Data Sourced
via Red Hat·08:55 PM
DescriptionSeverityAffected Software
Feb 14, 2024
Data Sourced
via Launchpad·02:53 PM
Description
Sep 17, 2024
Data Sourced
via Ubuntu·03:30 PM
RemedyDescriptionSeverityAffected Software
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
Frequently Asked Questions
1
What is the severity of CVE-2024-0751?
CVE-2024-0751 has a critical severity rating due to its potential for privilege escalation.
2
How do I fix CVE-2024-0751?
To fix CVE-2024-0751, update your affected software to versions beyond 115.7 or apply the recommended patches.
3
What products are affected by CVE-2024-0751?
CVE-2024-0751 affects Mozilla Thunderbird, Firefox, and Firefox ESR versions up to 115.7.
4
Can CVE-2024-0751 be exploited remotely?
Yes, CVE-2024-0751 could potentially be exploited remotely through a malicious devtools extension.
5
What type of vulnerability is CVE-2024-0751?
CVE-2024-0751 is classified as a privilege escalation vulnerability.