vulnerability

FreeBSD: VID-aa1c7af9-570e-11ef-a43e-b42e991fc52e (CVE-2024-5690): mozilla firefox -- protocol information guessing

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Aug 10, 2024

Added

Aug 10, 2024

Modified

Jun 15, 2026

Description

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox less than 127, Firefox ESR less than 115.12, and Thunderbird less than 115.12.

Solution

freebsd-upgrade-package-firefox

References

CVE-2024-5690
https://attackerkb.com/topics/CVE-2024-5690
CWE-203
EUVD-EUVD-2024-46862
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-46862

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report