Beschreibung
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information.
Below is a complete list of vulnerabilities:
- Security bypass vulnerability in JavaScript engine can be exploited to bypass security restrictions.
- Denial of service vulnerability in large branch table can be exploited to cause denial of service.
- Code execution vulnerability in javascript URLs when used in object and embed tags can be exploited to execute arbitrary code
- Code execution vulnerability in „Copy as cURL“ command can be exploited to execute arbitrary code.
- Information disclosure vulnerability in URL stripping can be exploited to obtain sensitive information.
- Security bypass vulnerability can be exploited via special crafted XSLT document to bypass security restrictions.
- Denial of service vulnerability in JavaScript state machine can be exploited to denial of service.
- Memory safety vulnerability can be exploited to execute arbitrary code.
Ursprüngliche Informationshinweise
Betroffene Produkte
CVE Liste
- CVE-2025-8027 high
- CVE-2025-8028 critical
- CVE-2025-8029 critical
- CVE-2025-8030 critical
- CVE-2025-8031 critical
- CVE-2025-8032 critical
- CVE-2025-8033 high
- CVE-2025-8034 critical
- CVE-2025-8035 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!