Multiple vulnerabilities in Mozilla Firefox ESR

Описание

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Use-after-free vulnerability in the WebRTC can be exploited to cause denial of service or execute arbitrary code.
2. Incorrect boundary conditions vulnerability in the Graphics component can be exploited to cause denial of service.
3. Privilege escalation vulnerability in the DOM can be exploited remotely to gain privileges.
4. JIT miscompilation vulnerability in the JavaScript Engine can be exploited to cause denial of service.
5. Privilege escalation vulnerability in the Netmonitor component can be exploited remotely to gain privileges.
6. Same-origin policy bypass vulnerability in the Request Handling component can be exploited to bypass security restrictions.
7. Memory safety vulnerability can be exploited to execute arbitrary code.

Первичный источник обнаружения

• MFSA2025-94
  

Связанные продукты

• Mozilla-Firefox-ESR

Список CVE

• CVE-2025-14321
  critical
• CVE-2025-14322
  critical
• CVE-2025-14323
  critical
• CVE-2025-14324
  critical
• CVE-2025-14325
  high
• CVE-2025-14328
  critical
• CVE-2025-14329
  critical
• CVE-2025-14330
  critical
• CVE-2025-14331
  high
• CVE-2025-14333
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com