Beschreibung
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions, perform cross-site scripting attack.
Below is a complete list of vulnerabilities:
- Use-after-free vulnerability in MediaTrackGraph can be exploited remotely to execute arbitrary code and cause denial of service
- Out of bounds read/write vulnerability in WebGL can be exploited remotely to execute arbitrary code and cause denial of service
- Security bypass vulnerability in privileged browser process can be exploited to bypass security restrictions and obtain sensitive information
- Security bypass vulnerability in JavaScript can be exploited to modify non-writable properties and bypass security restrictions
- Sandbox links vulnerability in Iframe can be exploited remotely to bypass security restrictions
- Cross site scripting vulnerability due to improper MIME-type enforcement in OBJECT tag can be exploited remotely to execute arbitrary code
- Insufficient escaping in the “Copy as cURL” feature vulnerability can be exploited remotely to execute arbitrary code
- Use-after-free vulnerability in native messaging API can be exploited remotely to execute arbitrary code and cause denial of service
- Memory corruption vulnerability can be exploited remotely to execute arbitrary code and cause denial of service
Ursprüngliche Informationshinweise
Betroffene Produkte
CVE Liste
- CVE-2025-11708 critical
- CVE-2025-11709 critical
- CVE-2025-11710 critical
- CVE-2025-11711 high
- CVE-2025-11712 high
- CVE-2025-11713 critical
- CVE-2025-11714 critical
- CVE-2025-11715 critical
- CVE-2025-11716 high
- CVE-2025-11719 critical
- CVE-2025-11721 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!