Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-9392,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, CVE-2024-9403)
Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://pdf.js” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin PDF content. (CVE-2024-9393)
Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://devtools” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin JSON content. (CVE-2024-9394)