FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 135.0.0,2
firefox-esr < 115.20,1
116.0,1 < firefox-esr < 128.6,1
thunderbird < 128.7
129 < thunderbird < 135

Details

VuXML ID e54a1413-e539-11ef-a845-b42e991fc52e
Discovery 2025-02-04
Entry 2025-02-07

security@mozilla.org reports:

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash.

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash.

A race during concurrent delazification could have led to a use-after-free.

Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

[source]

References

CVE Name CVE-2025-1009
CVE Name CVE-2025-1010
CVE Name CVE-2025-1012
CVE Name CVE-2025-1016
URL https://nvd.nist.gov/vuln/detail/CVE-2025-1009
URL https://nvd.nist.gov/vuln/detail/CVE-2025-1010
URL https://nvd.nist.gov/vuln/detail/CVE-2025-1012
URL https://nvd.nist.gov/vuln/detail/CVE-2025-1016

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.