Search for vulnerabilities
Vulnerability details: VCID-r51b-dt6u-aaam
Vulnerability ID VCID-r51b-dt6u-aaam
Aliases CVE-2024-5700
Summary Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5700.json
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
epss 0.00303 https://api.first.org/data/v1/epss?cve=CVE-2024-5700
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2024-26
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2024-28
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5700.json
https://api.first.org/data/v1/epss?cve=CVE-2024-5700
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702
https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
https://www.mozilla.org/security/advisories/mfsa2024-25/
https://www.mozilla.org/security/advisories/mfsa2024-26/
https://www.mozilla.org/security/advisories/mfsa2024-28/
2291401 https://bugzilla.redhat.com/show_bug.cgi?id=2291401
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
CVE-2024-5700 https://nvd.nist.gov/vuln/detail/CVE-2024-5700
GLSA-202408-02 https://security.gentoo.org/glsa/202408-02
GLSA-202412-06 https://security.gentoo.org/glsa/202412-06
GLSA-202412-13 https://security.gentoo.org/glsa/202412-13
mfsa2024-25 https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
mfsa2024-26 https://www.mozilla.org/en-US/security/advisories/mfsa2024-26
mfsa2024-28 https://www.mozilla.org/en-US/security/advisories/mfsa2024-28
RHSA-2024:3949 https://access.redhat.com/errata/RHSA-2024:3949
RHSA-2024:3950 https://access.redhat.com/errata/RHSA-2024:3950
RHSA-2024:3951 https://access.redhat.com/errata/RHSA-2024:3951
RHSA-2024:3952 https://access.redhat.com/errata/RHSA-2024:3952
RHSA-2024:3953 https://access.redhat.com/errata/RHSA-2024:3953
RHSA-2024:3954 https://access.redhat.com/errata/RHSA-2024:3954
RHSA-2024:3955 https://access.redhat.com/errata/RHSA-2024:3955
RHSA-2024:3958 https://access.redhat.com/errata/RHSA-2024:3958
RHSA-2024:3972 https://access.redhat.com/errata/RHSA-2024:3972
RHSA-2024:4001 https://access.redhat.com/errata/RHSA-2024:4001
RHSA-2024:4002 https://access.redhat.com/errata/RHSA-2024:4002
RHSA-2024:4003 https://access.redhat.com/errata/RHSA-2024:4003
RHSA-2024:4004 https://access.redhat.com/errata/RHSA-2024:4004
RHSA-2024:4015 https://access.redhat.com/errata/RHSA-2024:4015
RHSA-2024:4016 https://access.redhat.com/errata/RHSA-2024:4016
RHSA-2024:4018 https://access.redhat.com/errata/RHSA-2024:4018
RHSA-2024:4036 https://access.redhat.com/errata/RHSA-2024:4036
RHSA-2024:4063 https://access.redhat.com/errata/RHSA-2024:4063
USN-6840-1 https://usn.ubuntu.com/6840-1/
USN-6862-1 https://usn.ubuntu.com/6862-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5700.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.11214
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-06-11T16:46:18.829986+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2024/mfsa2024-25.yml 34.0.0rc4