A locally-installed hostile program could send WM_COPYDATA
messages that Firefox would process incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 89.0 | |
firefox_esr | lt | 78.11 | |
thunderbird | lt | 78.11 |