Home > Vulnerability Database > CVE-2024-9398

Mend.io Vulnerability Database

CVE-2024-9398

Date: October 1, 2024

By checking the result of calls to "window.open" with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.

Language: C++

Severity Score

5.3

Related Resources (7)

Url: https://www.mozilla.org/security/advisories/mfsa2024-49/

Url: https://www.mozilla.org/security/advisories/mfsa2024-47/

Url: https://www.mozilla.org/security/advisories/mfsa2024-46/

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-9398

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1881037

Url: https://www.mozilla.org/security/advisories/mfsa2024-50/

Url: https://www.mend.io/vulnerability-database/CVE-2024-9398

Severity Score

5.3

Weakness Type (CWE)

Observable Discrepancy

CWE-203

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-9398

Date: October 1, 2024

Language: C++

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?