Popis
Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- Use-after-free vulnerability in the Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
- Mitigation bypass vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
- Race condition vulnerability in the Graphics component can be exploited to cause denial of service.
- Mitigation bypass vulnerability in the DOM: Core & HTML component can be exploited to bypass security restrictions.
- Same-origin policy bypass vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
- Spoofing vulnerability in Firefox can be exploited to spoof user interface.
- Same-origin policy bypass vulnerability in the DOM: Notifications component can be exploited to bypass security restrictions.
- Incorrect boundary conditions vulnerability in the JavaScript: WebAssembly component can be exploited to cause denial of service.
- Use-after-free vulnerability in the WebRTC: Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
Oficiální doporučení
Související produkty
seznam CVE
- CVE-2025-13012 critical
- CVE-2025-13013 high
- CVE-2025-13014 critical
- CVE-2025-13015 warning
- CVE-2025-13016 critical
- CVE-2025-13017 critical
- CVE-2025-13018 critical
- CVE-2025-13019 critical
- CVE-2025-13020 critical
Zobrazit více
Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com
Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!