QID 379392

Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

Mozilla Firefox is prone to
CVE-2024-1546: Out-of-bounds memory read in networking channels
CVE-2024-1547: Alert dialog could have been spoofed on another site
CVE-2024-1554: fetch could be used to effect cache poisoning
CVE-2024-1548: Fullscreen Notification could have been hidden by select element
CVE-2024-1549: Custom cursor could obscure the permission dialog
CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants
CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header in response parts
CVE-2024-1555: SameSite cookies were not properly respected when opening a website from an external browser
CVE-2024-1556: Invalid memory access in the built-in profiler
CVE-2024-1552: Incorrect code generation on 32-bit ARM devices
CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
CVE-2024-1557: Memory safety bugs fixed in Firefox 123

Affected Products:
Prior to Firefox 123

QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.