説明
Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- Use-after-free vulnerability in the Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
- Mitigation bypass vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
- Race condition vulnerability in the Graphics component can be exploited to cause denial of service.
- Mitigation bypass vulnerability in the DOM: Core & HTML component can be exploited to bypass security restrictions.
- Same-origin policy bypass vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
- Spoofing vulnerability in Firefox can be exploited to spoof user interface.
- Same-origin policy bypass vulnerability in the DOM: Notifications component can be exploited to bypass security restrictions.
- Incorrect boundary conditions vulnerability in the JavaScript: WebAssembly component can be exploited to cause denial of service.
- Use-after-free vulnerability in the WebRTC: Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
オリジナルアドバイザリー
関連製品
CVEリスト
- CVE-2025-13012 critical
- CVE-2025-13013 high
- CVE-2025-13014 critical
- CVE-2025-13015 warning
- CVE-2025-13016 critical
- CVE-2025-13017 critical
- CVE-2025-13018 critical
- CVE-2025-13019 critical
- CVE-2025-13020 critical
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!