Beschreibung
Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- Use-after-free vulnerability in the Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
- Mitigation bypass vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
- Race condition vulnerability in the Graphics component can be exploited to cause denial of service.
- Mitigation bypass vulnerability in the DOM: Core & HTML component can be exploited to bypass security restrictions.
- Same-origin policy bypass vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
- Spoofing vulnerability in Firefox can be exploited to spoof user interface.
- Same-origin policy bypass vulnerability in the DOM: Notifications component can be exploited to bypass security restrictions.
- Incorrect boundary conditions vulnerability in the JavaScript: WebAssembly component can be exploited to cause denial of service.
- Use-after-free vulnerability in the WebRTC: Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
Ursprüngliche Informationshinweise
Betroffene Produkte
CVE Liste
- CVE-2025-13012 critical
- CVE-2025-13013 high
- CVE-2025-13014 critical
- CVE-2025-13015 warning
- CVE-2025-13016 critical
- CVE-2025-13017 critical
- CVE-2025-13018 critical
- CVE-2025-13019 critical
- CVE-2025-13020 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!