CNNVD-202507-2930 Information
CNNVD ID
CNNVD-202507-2930
Related CVE
- CNNVD Published: 2025-07-22
Description (Chinese)
Mozilla Firefox等都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。 Mozilla多款产品存在缓冲区错误漏洞,该漏洞源于内存安全问题,可能导致执行任意代码。以下产品和版本受到影响:Firefox 141之前版本、Firefox ESR 128.13之前版本和140.1之前版本和Thunderbird 141之前版本、128.13之前版本和140.1之前版本。
Description (English)
Mozilla Firefox and others are products of the Mozilla Foundation in the United States. Mozilla Firefox is an open-source Web browser. Mozilla Firefox ESR is an extended support version of Firefox (Web Browser). Mozilla Thunderbird is an independent email client from Mozilla Application Suite. Mozilla’s multiple products have an error loophole in the buffer zone, which stems from the problem of memory security and may lead to the enforcement of arbitrary codes. The following products and versions were affected: preFirefox 141, preFirefox ESR 128.13 and pre-140.1 and pre-Thunderbird 141, pre-128.13 and pre-140.1.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
Mozilla
Published
2025-07-22
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-61/ https://www.mozilla.org/security/advisories/mfsa2025-62/ https://www.mozilla.org/security/advisories/mfsa2025-63/ https://www.mozilla.org/security/advisories/mfsa2025-56/ https://www.mozilla.org/security/advisories/mfsa2025-58/ https://www.mozilla.org/security/advisories/mfsa2025-59/ https://bugzilla.mozilla.org/buglist.cgi?bug_id=1975961%2C1975961%2C1975961 https://nvd.nist.gov/vuln/detail/CVE-2025-8035
Patch
https://www.firefox.com/zh-CN/?utm_campaign=SET_DEFAULT_BROWSER
Share on: