Description
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions, perform cross-site scripting attack, spoof user interface.
Below is a complete list of vulnerabilities:
- Use-after-free vulnerability in MediaTrackGraph can be exploited remotely to execute arbitrary code and cause denial of service
- Out of bounds read/write vulnerability in WebGL can be exploited remotely to execute arbitrary code and cause denial of service
- Security bypass vulnerability in privileged browser process can be exploited to bypass security restrictions and obtain sensitive information
- Security bypass vulnerability in JavaScript can be exploited to modify non-writable properties and bypass security restrictions
- Cross site scripting vulnerability due to improper MIME-type enforcement in OBJECT tag can be exploited remotely to execute arbitrary code
- Insufficient escaping in the “Copy as cURL” feature vulnerability can be exploited remotely to execute arbitrary code
- Memory corruption vulnerability can be exploited remotely to execute arbitrary code and cause denial of service
- Sandbox links vulnerability in Iframe can be exploited remotely to bypass security restrictions
- Card carousel vulnerability can be exploited to obtain sensitive information
- Address bar vulnerability can be exploited to create fake address bar and spoof user interface
- Use-after-free vulnerability in native messaging API can be exploited remotely to execute arbitrary code and cause denial of service
- Custom tab feature vulnerability can be exploited to spoof user interface
Original advisories
Related products
CVE list
- CVE-2025-11708 critical
- CVE-2025-11709 critical
- CVE-2025-11710 critical
- CVE-2025-11711 high
- CVE-2025-11712 high
- CVE-2025-11713 critical
- CVE-2025-11714 critical
- CVE-2025-11715 critical
- CVE-2025-11716 high
- CVE-2025-11717 critical
- CVE-2025-11718 high
- CVE-2025-11719 critical
- CVE-2025-11720 critical
- CVE-2025-11721 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!