1829 matches found
Mozilla Thunderbird < 140.12.1
The version of Thunderbird installed on the remote Windows host is prior to 140.12.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-64 advisory. - An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing...
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
ROS-20260622-73-0006
The vulnerability in Thunderbird is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260622-73-0021
The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...
ROS-20260622-73-0005
The vulnerability in Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Astra Linux – Vulnerability in Firefox and Thunderbird
The return registers were overwritten, which could have allowed an attacker to execute arbitrary code. Note: This issue only affected Armv7-A systems. Other operating systems were not affected. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
Astra Linux – Vulnerability in Thunderbird
Memory safety bugs exist in Firefox ESR 102.7. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Thunderbird 102.8 and Firefox ESR 102.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
A bug in the calculation of popup notification delays could have allowed an attacker to trick a user into granting permissions. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...
Astra Linux – Vulnerability in Firefox and Thunderbird
If an AlignedBuffer is assigned to itself, the subsequent self-move operation may lead to an incorrect reference count, potentially causing a use-after-free issue. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Astra Linux – Vulnerability in Firefox and Thunderbird
There was no limit to the number of HTTP/2 CONTINUATION frames that could be processed. A server could exploit this to cause a memory exhaustion condition in the browser. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Astra Linux – Vulnerability in Firefox, Thunderbird
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 100 and Firefox ESR 91.9. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited t...
Astra Linux – Vulnerability in Firefox and Thunderbird
Web-accessible extension pages pages with a moz-extension:// scheme did not correctly enforce the frame-ancestors directive when it was used in the Web Extension’s Content Security Policy. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...
Astra Linux – Vulnerability in Firefox and Thunderbird
Documents in deeply-nested cross-origin browsing contexts may have obtained permissions granted to the top-level origin, bypassing the existing prompts and wrongly inheriting the top-level permissions. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
Astra Linux – Vulnerability in Thunderbird
Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs in Firefox 94. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these...
Astra Linux – Vulnerability in Thunderbird
Previously, Firefox for macOS and Linux would download temporary files to a user-specific directory in /tmp. However, this behavior was changed so that the files were downloaded to /tmp, where they could be affected by other local users. This behavior has been reverted to the original,...
Astra Linux – Vulnerability in Firefox, Thunderbird
When installing an add-on, Firefox verifies the signature before prompting the user. However, while the user is confirming the prompt, the underlying add-on file could be modified without being detected by Firefox. This vulnerability affects Firefox versions earlier than 98, Firefox ESR versions...
Astra Linux – Vulnerability in Firefox, Chromium
Before version 101.0.4951.41, using Codecs in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Thunderbird
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive Chrome-level privileges; however, it could be used as a stepping stone for further attacks involving other vulnerabilities. This vulnerability affects...
Astra Linux – Vulnerability in Firefox and Thunderbird
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Expat
Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...