CLSA-2026-1779136540 thunderbird: Fix of 2 CVEs

CVE-2024-0747: Document::Open inheriting CSP from a different window - CVE-2025-5268: Memory safety bugs gfxFont mHasSpaceFeatures atomicity, PresShell event-handler UAF, wasm uncheckedReadValType missing types...

OSV-2024-326 Heap-buffer-overflow in GfxFont::readFontDescriptor

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68193 Crash type: Heap-buffer-overflow READ 1 Crash state: GfxFont::readFontDescriptor Gfx8BitFont::Gfx8BitFont GfxFont::makeFont...

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability Summary An exploitable use-after-free exists in the PDF parsing functionality of the Lexmark Perspective Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in dire...

CVE-2012-4216

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of servic...

Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of servic...