TopVuln

High-risk vulnerability digests

CVE-2024-4367

  • HIGH

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

Details

CVSS v3
8.8
NVD published
2024-05-14 18:15:12
EPSS
34.6% probability · 97.0th percentile — 2026-05-01
Affected versions
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:* cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:-:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision10:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision11:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision12:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision13:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision14:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision15:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision16:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision17:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision18:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision19:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision20:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision21:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision22:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision23:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision24:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision25:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision26:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision27:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision28:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision29:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision3:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision30:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision31:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision32:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision33:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision34:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision35:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision36:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision37:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision38:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision39:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision4:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision40:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision41:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision42:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision43:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision44:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision5:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision6:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision7:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision8:*:*:*:*:*:* cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision9:*:*:*:*:*:*
Summary
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Remediation
Not available in our cache.
Exploit info
Not available in our cache.

View on NVD

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.