
ROS-20240927-06

2024-09-27 00:00:00
redos.red-soft.ru
Tags: vulnerability, videobridge, security settings, buffer overflow, memory usage, messageport, shutdownobserver, x11 graphical display system, full-screen mode, path name restriction, webgl2renderingcontext, drawelementsinstanced

CVSS3: 8.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score: 9.1
Confidence: High

A vulnerability in the VideoBridge component of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client
is related to errors in security settings. Exploitation of the vulnerability could allow a remote attacker
to bypass the protection mechanism of an isolated software environment.

A vulnerability in the nsTextFragment function of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client
is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow
a remote attacker to affect the confidentiality, integrity, and availability of protected information.

A vulnerability in the MessagePort::Entangled() function of the Firefox and Firefox ESR browsers and the Thunderbird email client
is related to use of memory after it has been freed. Exploitation of the vulnerability could
allow a remote attacker to cause a denial of service or other impact.

A vulnerability in the ShutdownObserver() function of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client
is related to a dependency on undefined behavior for each implementation type.
Exploitation of the vulnerability could allow a remote attacker to affect the
confidentiality, integrity, and availability of protected information.

A vulnerability in the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client is related to
use of memory after it has been freed. Exploitation of the vulnerability could allow a remote attacker
to affect the confidentiality, integrity, and availability of protected information.

A vulnerability in the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client is related to a violation of the
initial buffer boundary. Exploitation of the vulnerability could allow a remote attacker
to affect the confidentiality and integrity of data.

A vulnerability in the X11 graphical display system of the Firefox and Firefox ESR browsers and the Thunderbird email client
is related to incorrect restriction of visualized layers of the user interface
Selection API. Exploitation of the vulnerability could allow a remote attacker to
affect the confidentiality and integrity of protected information.

A vulnerability in the full-screen mode of the Firefox and Firefox ESR browsers and the Thunderbird email client is related to
information presentation errors in the user interface. Exploitation of the vulnerability could
allow a remote attacker to conduct a clickjacking attack.

A vulnerability in the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client is related to incorrect
path name restriction with the characters “/… /”. Exploitation of the vulnerability could allow a remote attacker
to gain unauthorized access to protected information.

A vulnerability in the WebGL2RenderingContext.blitFramebuffer() method of the WebGL2 interface of the Firefox and Firefox
ESR browsers and the Thunderbird email client is related to an operation outside memory buffer boundaries during processing of
canvas elements. Exploitation of the vulnerability could allow a remote attacker to gain
unauthorized access to protected information.

A vulnerability in the DrawElementsInstanced method of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client
is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could
allow a remote attacker to affect the confidentiality, integrity, and
availability of protected information.

A vulnerability in the Firefox and Firefox ESR browsers is related to information presentation errors in the user
interface. Exploitation of the vulnerability allows a remote attacker to conduct a
clickjacking attack.

A vulnerability in the nsDNSService::Init file of the Mozilla Firefox ESR browser and the Thunderbird email client
is related to use of memory after it has been freed. Exploitation of the vulnerability could allow
a remote attacker to affect the confidentiality, integrity, and availability of
protected information.

A vulnerability in the nsWindow::PickerOpen(void) method of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client
is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could
allow a remote attacker to affect the confidentiality, integrity, and
availability of protected information.

A vulnerability in the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client is related to an
operation beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker
to execute arbitrary code.

A vulnerability in the incognito mode of the Mozilla Firefox and Firefox ESR browsers is related to the use of
uninitialized variables. Exploitation of the vulnerability could allow a remote attacker
to disclose protected information.

A vulnerability in the ReadableByteStreams function of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client
is related to use of memory after it has been freed. Exploitation of the vulnerability could allow
a remote attacker to execute arbitrary code.

OS     Version  Architecture  Package  Version       Filename
redos  7.3      x86_64        firefox  < 115.12.0-1  UNKNOWN
