CVE-2024-3855

Summary

In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 125affected

Weaknesses

  • Incorrect JIT optimization of MSubstr leads to out-of-bounds reads

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References