1828 matches found
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
ROS-20260622-73-0006
The vulnerability in Thunderbird is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260622-73-0021
The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...
ROS-20260622-73-0005
The vulnerability in Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Astra Linux – Vulnerability in Firefox
Due to insufficient escaping of special characters in the “copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user’s system. This vulnerability was fixed in Firefox 138 and Thunderbird 138...
Astra Linux – Vulnerability in Firefox and Thunderbird
When segmenting specially crafted text, segmentation may corrupt memory, leading to a potentially exploitable crash. This vulnerability has been fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...
Astra Linux – Vulnerability in Firefox, Thunderbird
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 100 and Firefox ESR 91.9. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited t...
Astra Linux – Vulnerability in Firefox and Thunderbird
If an AlignedBuffer is assigned to itself, the subsequent self-move operation may lead to an incorrect reference count, potentially causing a use-after-free issue. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Astra Linux – Vulnerability in Firefox
A process isolation vulnerability in Thunderbird stems from improper handling of JavaScript URIs. This issue could allow content to execute in the process of the top-level document, rather than in the intended frame, potentially enabling a sandbox escape. This vulnerability has been fixed in...
Astra Linux – Vulnerability in Firefox, Thunderbird
When installing an add-on, Firefox verifies the signature before prompting the user. However, while the user is confirming the prompt, the underlying add-on file could be modified without being detected by Firefox. This vulnerability affects Firefox versions earlier than 98, Firefox ESR versions...
Astra Linux – Vulnerability in Thunderbird, Firefox
Memory safety bugs exist in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute...
Astra Linux – Vulnerability in Thunderbird, Firefox
The length of the certificate was not properly checked when it was added to the certificate store. In practice, only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...
Astra Linux – Vulnerability in Thunderbird, Firefox
It was possible to interrupt the processing of a RegExp bailout and execute additional JavaScript code, potentially triggering garbage collection when the engine did not expect it. This vulnerability has been fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox...
Astra Linux – Vulnerability in Thunderbird
When receiving an HTML email that instructed to load an iframe element from a remote location, a request was sent to the remote document. However, Thunderbird did not display the document. This vulnerability affects Thunderbird versions 102.2.1 and Thunderbird 91.13.1...
Astra Linux – Vulnerability in Firefox
Multiple NSS NIST curves were vulnerable to a side-channel attack known as “Minerva”. This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox versions less than 121...
Astra Linux – Vulnerability in Firefox and Thunderbird
Relative URLs that start with three slashes were incorrectly parsed. The “path-traversal” /../ part in the path could be used to override the specified host. This could lead to security issues in websites. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...
Astra Linux – Vulnerability in Firefox and Thunderbird
Firefox was vulnerable to a heap buffer overflow in nsTextFragment due to insufficient OOM handling. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
Astra Linux – Vulnerability in Firefox and Thunderbird
When calling JS::CheckRegExpSyntax, a syntax error may be set, resulting in the call to convertToRuntimeErrorAndClear. A path within the function might attempt to allocate memory when no memory is available, causing a newly created Out of Memory exception to be misinterpreted as a syntax error...
Astra Linux – Vulnerability in Thunderbird
A use-after-free in WebGL extensions could lead to a potentially exploitable crash. This vulnerability affects Firefox 107, Firefox ESR 102.6, and Thunderbird 102.6...