
CVE-2025-0237 – firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack
https://notcve.org/view.php?id=CVE-2025-0237
07 Jan 2025 — The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6. • https://bugzilla.mozilla.org/show_bug.cgi?id=1915257 • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') • CWE-863: Incorrect Authorization

CVE-2024-11699 – firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5
https://notcve.org/view.php?id=CVE-2024-11699
26 Nov 2024 — Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911 • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2024-11708 – Ubuntu Security Notice USN-7134-1
https://notcve.org/view.php?id=CVE-2024-11708
26 Nov 2024 — Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. This vulnerability affects Firefox < 133 and Thunderbird < 133. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. • https://bugzilla.mozilla.org/show_bug.cgi?id=1922912 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2024-11706 – Ubuntu Security Notice USN-7134-1
https://notcve.org/view.php?id=CVE-2024-11706
26 Nov 2024 — A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the `SEC_ASN1DecodeItem_Util` function, when handling malformed or improperly formatted input files. This vulnerability affects Firefox < 133 and Thunderbird < 133. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbit... • https://bugzilla.mozilla.org/show_bug.cgi?id=1923767 • CWE-476: NULL Pointer Dereference

CVE-2024-11705 – Ubuntu Security Notice USN-7134-1
https://notcve.org/view.php?id=CVE-2024-11705
26 Nov 2024 — `NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows `phKey` to be NULL for certain mechanisms. This vulnerability affects Firefox < 133 and Thunderbird < 133. Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1921768 • CWE-476: NULL Pointer Dereference

CVE-2024-11698
https://notcve.org/view.php?id=CVE-2024-11698
26 Nov 2024 — A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. *This bug only affects the application when running on macOS. Other operating systems are unaffected.* This vulnerability affects ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1916152

CVE-2024-11704 – Gentoo Linux Security Advisory 202501-10
https://notcve.org/view.php?id=CVE-2024-11704
26 Nov 2024 — A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. This vulnerability affects Firefox < 133 and Thunderbird < 133. • https://bugzilla.mozilla.org/show_bug.cgi?id=1899402 • CWE-415: Double Free

CVE-2024-11697 – firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
https://notcve.org/view.php?id=CVE-2024-11697
26 Nov 2024 — When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1842187 • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-356: Product UI does not Warn User of Unsafe Actions

CVE-2024-11696 – firefox: thunderbird: Unhandled Exception in Add-on Signature Verification
https://notcve.org/view.php?id=CVE-2024-11696
26 Nov 2024 — The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with... • https://bugzilla.mozilla.org/show_bug.cgi?id=1929600 • CWE-347: Improper Verification of Cryptographic Signature • CWE-354: Improper Validation of Integrity Check Value

CVE-2024-11695 – firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters
https://notcve.org/view.php?id=CVE-2024-11695
26 Nov 2024 — A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1925496 • CWE-451: User Interface (UI) Misrepresentation of Critical Information • CWE-1021: Improper Restriction of Rendered UI Layers or Frames