Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1924108 | Permissions Required |
https://www.mozilla.org/security/advisories/mfsa2025-44/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 May 2025, 01:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=1924108 - Permissions Required | |
References | () https://www.mozilla.org/security/advisories/mfsa2025-44/ - Vendor Advisory | |
First Time |
Mozilla
Mozilla thunderbird Mozilla firefox |
|
CPE | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* |
28 May 2025, 15:01
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 May 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CWE | CWE-787 |
27 May 2025, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-27 13:15
Updated : 2025-05-30 01:15
NVD link : CVE-2025-5269
Mitre link : CVE-2025-5269
CVE.ORG link : CVE-2025-5269
JSON object : View
Products Affected
mozilla
- firefox
- thunderbird
CWE
CWE-787
Out-of-bounds Write