Vulnerability CVE-2024-2605: Information
Description
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Published: March 19, 2024
Modified: March 19, 2024
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
firefox | sisyphus | 124.0-alt1 | 125.0.2-alt1 | ALT-PU-2024-4271-2 | 343190 | Fixed |
firefox | sisyphus_riscv64 | 124.0.1-alt0.port | 124.0.1-alt0.port | ALT-PU-2024-6052-1 | - | Fixed |
firefox | sisyphus_loongarch64 | 124.0-alt1.0.port | 125.0.1-alt1.0.port | ALT-PU-2024-4597-1 | - | Fixed |
firefox-esr | sisyphus | 115.9.1-alt1 | 115.10.0-alt1 | ALT-PU-2024-4963-2 | 344244 | Fixed |
firefox-esr | sisyphus_loongarch64 | 115.9.1-alt1 | 115.10.0-alt1 | ALT-PU-2024-5937-1 | - | Fixed |
firefox-esr | p10 | 115.9.1-alt1 | 115.10.0-alt1 | ALT-PU-2024-4971-3 | 344254 | Fixed |
firefox-esr | c10f1 | 115.9.1-alt0.c10.1 | 115.9.1-alt0.c10.1 | ALT-PU-2024-6027-2 | 344289 | Fixed |
thunderbird | sisyphus | 115.9.0-alt1 | 115.9.0-alt1 | ALT-PU-2024-4973-2 | 344245 | Fixed |
thunderbird | sisyphus_loongarch64 | 115.9.0-alt1 | 115.9.0-alt1 | ALT-PU-2024-5939-1 | - | Fixed |
thunderbird | p10 | 115.9.0-alt1 | 115.9.0-alt1 | ALT-PU-2024-5117-3 | 344280 | Fixed |
thunderbird | c10f1 | 115.9.0-alt0.c10.1 | 115.9.0-alt0.c10.1 | ALT-PU-2024-6213-2 | 344693 | Fixed |