1828 matches found
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
ROS-20260622-73-0005
The vulnerability in Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260622-73-0006
The vulnerability in Thunderbird is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260622-73-0021
The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...
Astra Linux – Vulnerability in Firefox and Thunderbird
When creating a callback via IPC to display the Color Picker window, multiple identical callbacks might be created at once. Eventually, all of them would be destroyed as soon as one of the callbacks is completed. This could lead to a use-after-free condition, resulting in a potentially exploitabl...
Astra Linux – Vulnerability in Firefox and Thunderbird
When receiving rendering data via IPC mStream, it might have been destroyed during initialization, which could lead to a use-after-free condition and potentially cause a crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
Astra Linux – Vulnerability in Firefox and Thunderbird
Excel .xll add-ins did not have a blocklist entry in Firefox’s executable blocklist, which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
Astra Linux – Vulnerability in Firefox and Thunderbird
When UpdateRegExpStatics attempted to access initialStringHeap, it might have already been garbage collected before entering the function. This could potentially lead to a exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
Astra Linux – Vulnerability in Thunderbird
A missing check related to text units could have led to a use-after-free condition and potentially exploitable crashes.Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This...
Astra Linux – Vulnerability in Firefox, Thunderbird
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 100 and Firefox ESR 91.9. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited t...
Astra Linux – Vulnerability in Firefox and Thunderbird
Relative URLs that start with three slashes were incorrectly parsed. The “path-traversal” /../ part in the path could be used to override the specified host. This could lead to security issues in websites. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...
Astra Linux – Vulnerability in Thunderbird
When receiving an HTML email that instructed to load an iframe element from a remote location, a request was sent to the remote document. However, Thunderbird did not display the document. This vulnerability affects Thunderbird versions 102.2.1 and Thunderbird 91.13.1...
Astra Linux – Vulnerability in Firefox and Thunderbird
Performing garbage collection on re-declared JavaScript variables led to a “user-after-poison” situation, and potentially caused a exploitable crash. This vulnerability affects Firefox 85, Thunderbird 78.7, and Firefox ESR 78.7...
Astra Linux – Vulnerability in Firefox and Thunderbird
When reading a file, an uninitialized value might have been used as the read limit. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...
Astra Linux – Vulnerability in Firefox and Thunderbird
When importing resources using Web Workers, error messages would differentiate between application/javascript responses and non-script responses. This could have been exploited to obtain information across origins. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...
Astra Linux – Vulnerability in Thunderbird
A use-after-free in WebGL extensions could lead to a potentially exploitable crash. This vulnerability affects Firefox 107, Firefox ESR 102.6, and Thunderbird 102.6...
Astra Linux – Vulnerability in Firefox, Chromium
Before version 101.0.4951.41, using Codecs in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Thunderbird
Mozilla developers reported memory safety bugs in Thunderbird 78.13.0. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Thunderbird versions less...
Astra Linux – Vulnerability in Firefox and Thunderbird
If an AlignedBuffer is assigned to itself, the subsequent self-move operation may lead to an incorrect reference count, potentially causing a use-after-free issue. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Astra Linux – Vulnerability in Firefox and Thunderbird
There was no limit to the number of HTTP/2 CONTINUATION frames that could be processed. A server could exploit this to cause a memory exhaustion condition in the browser. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...