CVE-2024-8383

3 Sep 2024

Título es

CVE-2024-8383

Mar, 03/09/2024 – 13:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-8383

Descripción en

Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will This vulnerability affects Firefox

03/09/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1908496

https://www.mozilla.org/security/advisories/mfsa2024-39/

https://www.mozilla.org/security/advisories/mfsa2024-40/

https://www.mozilla.org/security/advisories/mfsa2024-41/

Enviar en el boletín

Off