CVE-2024-9680 - Mozilla Firefox Use-After-Free Vulnerability

项目:Mozilla

产品:Firefox

添加日期:2024-10-15到期日:2024-11-05最后更新:January 29, 2026

漏洞名称

Mozilla Firefox Use-After-Free Vulnerability

描述

Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.

已知用于勒索软件活动吗?

Known

采集行动

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

其他说明

https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/

https://nvd.nist.gov/vuln/detail/CVE-2024-9680

相关新闻文章

Details emerge on WinRAR zero-day attacks that infected PCs with malwareAugust 11, 2025

Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security ProductsApril 29, 2025

Mozilla warns Windows users of critical Firefox sandbox escape flawMarch 27, 2025

Firefox and Windows zero-days exploited by Russian RomCom hackersNovember 26, 2024

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated CyberattacksNovember 26, 2024

相关 CWE

CWE-416