CNNVD-202509-2554 Information
CNNVD ID
CNNVD-202509-2554
Related CVE
- CNNVD Published: 2025-09-16
Description (Chinese)
Mozilla Firefox和Mozilla Thunderbird都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Firefox和Mozilla Thunderbird存在安全漏洞,该漏洞源于Graphics:Canvas2D组件中的指针无效。
Description (English)
Mozilla Firefox and Mozilla Thunderbird are products of the Mozilla Foundation in the United States. Mozilla Firefox is an open-source Web browser. Mozilla Thunderbird is an independent email client from Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail formats. There is a security loophole in Mozilla Firefox and Mozilla Thunderbird, which stems from the ineffectiveness of the pointer in the Grampics:Canvas2D component.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mozilla
Published
2025-09-16
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-73/ https://www.mozilla.org/security/advisories/mfsa2025-75/ https://www.mozilla.org/security/advisories/mfsa2025-77/ https://www.mozilla.org/security/advisories/mfsa2025-78/ https://bugzilla.mozilla.org/show_bug.cgi?id=1986185
Patch
https://www.mozilla.org/security/advisories/mfsa2025-73/
Share on: