1214 matches found
CVE-2018-12392
CVE-2018-12392 is a vulnerability affecting Firefox (pre-63 and ESR pre-60.3) and Thunderbird (pre-60.3) where manipulating user events in nested loops while opening a document via script can trigger a crash due to poor event handling. Public advisories list the impact as a potentially exploitabl...
CVE-2020-15676
CVE-2020-15676 affects Firefox (and related Mozilla products) where the onload handler for SVG elements could run after the DOM sanitizer removed content, enabling JavaScript execution when pasting attacker-controlled data into a contenteditable area. Affected versions: Firefox < 81, Thunderbi...
CVE-2023-5168
CVE-2023-5168 refers to a vulnerability in Firefox on Windows where a compromised content process could supply malicious data to FilterNodeD2D1, causing an out-of-bounds write and potentially crashing a privileged process. The entry notes a high/critical risk with a base score of 9.8 (CVSSv3.1) a...
CVE-2023-4573
The CVE-2023-4573 issue is a memory corruption/use-after-free in Mozilla's IPC path (mStream) that can be triggered when rendering data is received via IPC. Connected documents confirm affected products include Firefox and Thunderbird (multiple ESR branches) with vulnerable components tied to IPC...
CVE-2023-4580
CVE-2023-4580 : Pushed notifications stored on disk in private browsing mode were not encrypted, potentially leaking sensitive information. Affected: Firefox < 117, Firefox ESR < 115.2, Thunderbird
CVE-2020-15655
CVE-2020-15655 affects Mozilla Firefox (including ESR) and Thunderbird, where a redirected HTTP request observed or modified through a web extension could bypass Same-Origin Policy via extension APIs, potentially disclosing cross-origin information. Affected versions include Firefox ESR <78.1,...
CVE-2023-3417
CVE-2023-3417 affects Mozilla Thunderbird. The issue arises from the Text Direction Override Unicode Character in filenames, which could cause an email attachment to appear as a non-executable document when it was actually an executable. Affected: Thunderbird versions before 115.0.1 and before 10...
CVE-2023-4583
CVE-2023-4583 concerns a logic issue in the HTTP/Browsing Context handling within Mozilla Firefox/Thunderbird. The flaw occurs when HttpBaseChannel checks whether a Browsing Context has been discarded; if the load group is unavailable, it may assume discard even for private channels after a priva...
CVE-2019-9818
CVE-2019-9818 is a use-after-free in the crash generation server used by Mozilla Firefox/Thunderbird on Windows. The issue, described as a race condition in the crash reporter server, can lead to a potentially exploitable crash and sandbox escape. Public references indicate the vulnerability affe...
CVE-2019-9801
CVE-2019-9801 affects Mozilla Firefox and Thunderbird on Windows. The issue allows Firefox/Thunderbird to treat any registered Program ID as an external protocol handler and offer to launch a local application when a matching URL is opened, even if the program is not intended as a URL handler. Ro...
CVE-2023-25751
CVE-2023-25751 affects Firefox and Thunderbird: root cause is incorrect code generation during JIT code invalidation when following an iterator, which could lead to a potentially exploitable crash. Affected: Firefox <=111 and Firefox ESR <=102.8/9, Thunderbird
CVE-2019-11739
CVE-2019-11739 affects Mozilla Thunderbird; encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a HTML reply/forward. Affected versions: Thunderbird < 68.1 and Thunderbird
CVE-2009-2408
CVE-2009-2408 affects Mozilla NSS up to 3.12.2/Firefox up to 3.0.12/ Thunderbird up to 2.0.0.22 and SeaMonkey up to 1.1.17. The issue is improper handling of a '\0' character in the domain name present in the certificate subject’s Common Name (CN) field of an X.509 certificate. This enables a man...
CVE-2021-29981
CVE-2021-29981 affects Firefox < 91 and Thunderbird
CVE-2021-38498
The CVE-2021-38498 entry describes a use-after-free of the nsLanguageAtomService (languages service object) during process shutdown, causing memory corruption and potentially a crash. Affected products include Firefox < 93, Thunderbird < 91.2, and Firefox ESR
CVE-2023-4578
CVE-2023-4578 affects Firefox and Thunderbird: a failure in JS::CheckRegExpSyntax could mishandle an out-of-memory (OOM) condition as a Syntax Error, potentially leading to crashes. Affected versions are Firefox < 117, Firefox ESR < 115.2, and Thunderbird
CVE-2019-11694
CVE-2019-11694 is a Windows-only vulnerability in the Mozilla Firefox/Thunderbird stack where an uninitialized memory value can leak from a broker into a renderer when accessing an otherwise unavailable file in the Windows sandbox. Affected products include Thunderbird < 60.7, Firefox < 67,...
CVE-2021-38501
CVE-2021-38501 is a memory-safety issue affecting Firefox up to version 92/ESR 91.1 with memory-corruption risks; impacted products include Firefox <93, Thunderbird <91.2, and Firefox ESR
CVE-2021-43528
CVE-2021-43528 : Thunderbird before 91.4.0 enables JavaScript in the composition area. The JS context is restricted to that area with no chrome privileges but could serve as a stepping stone to further attacks involving other vulnerabilities. Affected: Thunderbird
CVE-2024-0741
CVE-2024-0741 describes an out-of-bounds write in ANGLE that could corrupt memory and cause a potentially exploitable crash. Affected software includes Firefox up to version 121/122 and Firefox ESR up to 115.7, as well as Thunderbird up to 115.7. The connected advisories indicate the root cause i...
CVE-2023-4574
CVE-2023-4574 involves a use-after-free in the IPC ColorPickerShownCallback: creating multiple identical callbacks for the Color Picker over IPC, then destroying them all when one finishes. Affected: Firefox < 117, Firefox ESR < 102.15/115.2, Thunderbird
CVE-2023-4575
CVE-2023-4575 describes a memory safety risk in Mozilla components where IPC FilePickerShownCallback could suffer a use-after-free due to multiple identical callbacks being created and destroyed concurrently during File Picker window invocation. Affected products include Firefox (all listed varia...
CVE-2023-4577
CVE-2023-4577 is a memory-corruption issue in the Firefox/Thunderbird code path where UpdateRegExpStatics could access initialStringHeap after it had been garbage collected, potentially causing an exploitable crash. Connected advisories corroborate that affected products include Firefox versions ...
CVE-2017-5390
CVE-2017-5390 concerns the JSON viewer in Mozilla/Thunderbird Developer Tools that uses insecure methods to copy/view JSON or HTTP header data, enabling potential privilege escalation. Concrete details in connected docs show this affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox
CVE-2021-29948
Thunderbird prior to 78.10.0 is affected by CVE-2021-29948, where signatures are written to disk before verification and may be at risk of a race condition if a local attacker replaces the file. Impact includes potential signature forgery; remediation is to upgrade Thunderbird to 78.10.0 or newer...
CVE-2023-29536
The CVE-2023-29536 entry applies to Mozilla products (Firefox, Focus, Thunderbird, Firefox ESR, and Firefox for Android) with memory-management weakness in freeing a pointer to attacker-controlled memory. Impacted versions include Firefox <112, Focus for Android <112, Firefox ESR <102.10...
CVE-2023-5728
CVE-2023-5728 : In the Firefox/Thunderbird stack, during garbage collection extra operations on an object that should not be touched could lead to a potentially exploitable crash. Affected: Firefox < 119, Firefox ESR < 115.4, and Thunderbird
CVE-2018-12390
CVE-2018-12390 corresponds to memory-safety bugs in Mozilla Firefox and Thunderbird prior to patched versions. Affected: Firefox < 63, Firefox ESR < 60.3, Thunderbird
CVE-2019-9794
CVE-2019-9794: Command line arguments are not discarded when Firefox is invoked as a shell handler for URLs on Windows, enabling potential remote file retrieval/execution. Affected: Thunderbird <60.6, Firefox ESR <60.6, Firefox
CVE-2023-4582
CVE-2023-4582 is a Firefox-on-macOS-specific issue where large allocation checks in Angle for GLSL shaders could overflow a private shader memory allocation, leading to a buffer overflow. The vulnerability affects Firefox versions earlier than 117 (and Firefox ESR < 115.2, Thunderbird
CVE-2018-12365
CVE-2018-12365 is a vulnerability where a compromised IPC child process can escape the content sandbox and list names of arbitrary files on the file system without user consent. It affects Thunderbird (versions below 60, including 52.9) and Firefox-based products (Firefox ESR < 60.1/52.9, Fire...
CVE-2018-12376
CVE-2018-12376 involves memory safety bugs in Firefox 61/ESR 60.1 and Thunderbird
CVE-2021-29951
CVE-2021-29951 involves the Mozilla Maintenance Service granting SERVICE_START access to BUILTIN|Users, enabling domain users to start/stop the browser update service. Affected: Windows systems older than Windows 10 build 1709; Firefox prior to 87 and Firefox ESR prior to 78.10.1, Thunderbird pri...
CVE-2021-38497
CVE-2021-38497 describes a UI spoofing issue caused by using reportValidity() together with window.open(), which could overlay a plain-text validation message on another origin. Affected software versions are Firefox < 93, Thunderbird < 91.2, and Firefox ESR
CVE-2023-5730
The CVE-2023-5730 entry concerns memory safety bugs in Mozilla Firefox (Firefox 118 and ESR 115.3) and Thunderbird 115.3 that could allow arbitrary code execution. Affected versions are Firefox < 119, Firefox ESR < 115.4, and Thunderbird
CVE-2019-9815
CVE-2019-9815 describes a timing-attack similar to Spectre when hyperthreading is not disabled. Affected: macOS content threads (macOS 10.14.5 introduces a sysctl option to disable hyperthreading for untrusted code on the main or worker JavaScript threads), and affected Firefox/Thunderbird versio...
CVE-2023-29539
Concrete details found: CVE-2023-29539 (Content-Disposition filename truncation on NULL) affects Firefox family and Thunderbird; root cause is NULL character in filename causing truncation and potential Reflected File Download. Connected documents (Astra Linux bulletin, Debian/CentOS advisories) ...
CVE-2022-46882
CVE-2022-46882 is a use-after-free in WebGL extensions that could cause a crash in affected Mozilla products. Affected software include Firefox versions before 107 and Firefox ESR before 102.6, and Thunderbird before 102.6. The connected documents identify the underlying issue as a use-after-free...
CVE-2021-29987
CVE-2021-29987 describes a UI permission trick where after requesting multiple permissions and closing the first panel, subsequent panels appear in a different position but still register a click in the default location, potentially causing a user to grant unwanted permissions. Technical details ...
CVE-2023-4576
CVE-2023-4576 affects Mozilla Firefox on Windows, where an integer overflow in RecordedSourceSurfaceCreation can cause a heap buffer overflow potentially leaking data and enabling sandbox escape. Affected products/versions listed include Firefox on Windows and Firefox/Thunderbird releases older t...
CVE-2017-5436
CVE-2017-5436 is an out-of-bounds write in the Graphite 2 library triggered by a malicious Graphite font, causing a potentially exploitable crash. The issue was fixed in Graphite 2 and in Mozilla products; affected Mozilla components include Thunderbird < 52.1, Firefox ESR < 45.9 and < 5...
CVE-2018-12377
CVE-2018-12377 is a use-after-free vulnerability that can occur when refresh driver timers are refreshed during shutdown, potentially causing a crash when the timer is deleted while still in use. The issue affects Thunderbird versions prior to 60.2.1 (and related Firefox/ESR components). The docu...
CVE-2021-29982
CVE-2021-29982 affects Firefox and Thunderbird prior to version 91. Root cause: incorrect JIT optimization causing type confusion, leading to potential leakage of a single memory bit. Connected advisories confirm the issue and describe remediation as upgrading to Firefox/Thunderbird version 91 or...
CVE-2022-40962
CVE-2022-40962 is a memory safety issue in Firefox 104 and Firefox ESR 102.2 reported by Mozilla Fuzzing Team. The connected documents confirm memory corruption indicators and state that, with enough effort, some bugs could be exploited to run arbitrary code. The vulnerability affects Firefox ESR...
CVE-2018-12359
CVE-2018-12359 is a buffer overflow in rendering canvas content when dynamically adjusting the height/width, potentially causing a crash. Affected: Thunderbird and Firefox variants (e.g., Thunderbird < 52.9, Firefox ESR < 60.1, Firefox
CVE-2018-12362
CVE-2018-12362 is an integer overflow in the SSSE3 scaler used during graphics operations, affecting Thunderbird and Firefox variants prior to specific versions (e.g., Thunderbird < 52.9, Firefox ESR < 60.1, Firefox
CVE-2018-5150
CVE-2018-5150 concerns memory safety bugs in Firefox 59/ESR 52.7 and Thunderbird 52.7, with potential memory corruption that could allow arbitrary code execution. Affected products include Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR
CVE-2017-5375
CVE-2017-5375 affects Mozilla Thunderbird, Firefox ESR, and Firefox prior to certain version thresholds. The issue is a JIT code allocation vulnerability that can bypass ASLR and DEP, enabling memory corruption. Public exploit activity exists (ASM.JS JIT-Spray PoCs) for multiple Firefox versions ...
CVE-2022-3266
CVE-2022-3266 is an out-of-bounds read in H.264 video decoding that can trigger a crash. Affected products in the provided documents include Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox
CVE-2023-5724
The connected Astra Linux bulletin confirms CVE-2023-5724: Drivers are not always robust to extremely large draw calls, potentially causing crashes in Firefox before 119, Firefox ESR before 115.4, and Thunderbird before 115.4.1. Affected versions are Firefox <119, Firefox ESR <115.4, Thunde...