KLA51619
Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in popup notifications can be exploited remotely to gain privileges.
2. Security UI vulnerability can be exploited to spoof user interface and execute arbitrary code.
3. Out of bounds read vulnerability in DOMParser can be exploited to cause denial of service.
4. Denial of service vulnerability in WASM JIT analysis can be exploited to cause denial of service.
5. Memory safety vulnerability can be exploited to execute arbitrary code.
6. An elevation of privilege vulnerability in Firefox uninstaller can be exploited remotely to gain privileges.
7. Cookie jar overflow vulnerability can be exploited to cause denial of service.
8. Use after free vulnerability can be exploited to cause denial of service or execute arbitrary code.
9. Security vulnerability in Offscreen Canvas can be exploited to bypass security restrictions.
10. Stack buffer overflow vulnerability in StorageManager can be exploited remotely to cause denial of service.

Mozilla Thunderbird 115.x earlier than 115.1

Update to the latest version
Download Firefox ESR