CVE-2024-6607
HIGHDescription
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Is your site exposed to CVE-2024-6607?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| mozilla | firefox |
| mozilla | thunderbird |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-6607? +
How severe is CVE-2024-6607? +
What products are affected by CVE-2024-6607? +
How do I check if I'm vulnerable to CVE-2024-6607? +
Related Vulnerabilities
A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault …
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component theta_star::ThetaStar::isUnsafeToPlan().
In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append() tipc_msg_validate() can potentially reallocate the …
An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior …
Memory corruption while reading ACPI config through the user mode app.
When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type …