CVE-2025-5269

Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

History

30 May 2025, 01:15

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1924108 - () https://bugzilla.mozilla.org/show_bug.cgi?id=1924108 - Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2025-44/ - () https://www.mozilla.org/security/advisories/mfsa2025-44/ - Vendor Advisory
First Time Mozilla
Mozilla thunderbird
Mozilla firefox
CPE cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*

28 May 2025, 15:01

Type Values Removed Values Added
Summary
  • (es) Error de seguridad de memoria presente en Firefox ESR 128.10 y Thunderbird 128.10. Este error mostró evidencia de corrupción de memoria y presumimos que, con suficiente esfuerzo, podría haberse explotado para ejecutar código arbitrario. Esta vulnerabilidad afecta a Firefox ESR &lt; 128.11.

27 May 2025, 18:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CWE CWE-787

27 May 2025, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-27 13:15

Updated : 2025-05-30 01:15


NVD link : CVE-2025-5269

Mitre link : CVE-2025-5269

CVE.ORG link : CVE-2025-5269


JSON object : View

Products Affected

mozilla

  • firefox
  • thunderbird
CWE
CWE-787

Out-of-bounds Write