CVE Radar

CVE-2024-9397

Severity: High
Vendor: Mozilla
SVRS: 58/100
CVSSv3: 6.1/10
EPSS: 0.00092/1

CVE-2024-9397 is a clickjacking vulnerability affecting Firefox and Thunderbird. This flaw involves a missing delay in the directory upload UI, potentially allowing attackers to trick users into unknowingly granting permissions. Specifically, versions prior to Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131 are vulnerable.

The lack of input validation and proper timing controls makes users susceptible to granting unintended access. While the CVSS score is 6.1 (Medium), indicating a moderate level of risk, the SOCRadar Vulnerability Risk Score (SVRS) is 58. Although below the critical threshold (80 and above), this still signifies a notable risk, particularly if exploited in the wild. Successful exploitation could lead to unauthorized file uploads and potential data breaches. Users of affected Firefox and Thunderbird versions should update immediately to mitigate this threat.

In The Wild
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2025-03-18
2024-10-01
SOCRadar AI Insight

Description

CVE-2024-9397 is a vulnerability in Firefox, Firefox ESR, and Thunderbird that could allow an attacker to trick a user into granting permission via clickjacking. This vulnerability has a CVSS score of 0, indicating a low severity. However, SOCRadar's SVRS assigns it a score of 34, indicating a moderate risk.

Key Insights

  • This vulnerability could allow an attacker to gain access to sensitive information or take control of a user's account.
  • The vulnerability affects multiple versions of Firefox, Firefox ESR, and Thunderbird.
  • There are no known active exploits for this vulnerability.

Mitigation Strategies

  • Update to the latest version of Firefox, Firefox ESR, or Thunderbird.
  • Be aware of the risks of clickjacking and take steps to protect yourself from this type of attack.
  • Use a security solution that can detect and block clickjacking attacks.

Additional Information

  • The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning about this vulnerability.
  • This vulnerability is not known to be used in the wild.


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-9397 | Mozilla Thunderbird up to 130 Directory Upload UI clickjacking (Nessus ID 207987)
vuldb.com, 2025-03-09
A vulnerability has been found in Mozilla Thunderbird up to 130 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Directory Upload UI. The manipulation leads to clickjacking. This vulnerability is known as CVE-2024-9397. The attack can be launched remotely. There

CVE-2024-9397 | Mozilla Firefox up to 130 Directory Upload UI clickjacking (Nessus ID 207987)
vuldb.com, 2025-03-09
A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 130. Affected is an unknown function of the component Directory Upload UI. The manipulation leads to clickjacking. This vulnerability is traded as CVE-2024-9397. It is possible to launch the attack remotely. There is

USN-7056-1: Firefox vulnerabilities
2024-10-07
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-9392, CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400, CVE-2024-9401, CVE-2024-9402, CVE-2024-9403) Masato Kinugawa discovered that Firefox did not properly validate javascript under the "resource://pdf.js" origin. An attacker could potentially exploit this issue to execute arbitrary javascript code and access
Related: CVE-2024-9396, CVE-2024-9393, CVE-2024-9397, CVE-2024-9403

Social Media

CVE-2024-9397 A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects… https://t.co/QDKDXNIYfV

Affected Software

Configuration 1

Type | Vendor  | Product
-----|---------|-------------
App  | Mozilla | firefox
App  | Mozilla | firefox_esr
App  | Mozilla | thunderbird

References

Reference source   | Link
-------------------|-----------------------------------------------------------
[email protected]  | https://bugzilla.mozilla.org/show_bug.cgi?id=1916659
[email protected]  | https://www.mozilla.org/security/advisories/mfsa2024-46/
[email protected]  | https://www.mozilla.org/security/advisories/mfsa2024-47/
[email protected]  | https://www.mozilla.org/security/advisories/mfsa2024-49/
[email protected]  | https://www.mozilla.org/security/advisories/mfsa2024-50/
GITHUB             | https://bugzilla.mozilla.org/show_bug.cgi?id=1916659

CWE Details

CWE ID   | CWE Name                                              | Description
---------|-------------------------------------------------------|------------------------------------------------------------
CWE-1021 | Improper Restriction of Rendered UI Layers or Frames  | The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with.
