CVE-2024-9680 - Mozilla Firefox Use-After-Free Vulnerability
Project:Mozilla
Product:Firefox
Date Added:2024-10-15Due Date:2024-11-05
Vulnerability Name
Mozilla Firefox Use-After-Free Vulnerability
Description
Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
https://nvd.nist.gov/vuln/detail/CVE-2024-9680
Related News Articles
Mozilla warns Windows users of critical Firefox sandbox escape flawMarch 27, 2025
Firefox and Windows zero-days exploited by Russian RomCom hackersNovember 26, 2024
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated CyberattacksNovember 26, 2024
SolarWinds Web Help Desk flaw is now exploited in attacksOctober 17, 2024