CNNVD-202510-2018 Information
CNNVD ID
CNNVD-202510-2018
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Mozilla Firefox和Mozilla Thunderbird都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Firefox 144之前版本和Mozilla Thunderbird 144之前版本存在资源管理错误漏洞,该漏洞源于Windows上Web扩展使用原生消息API时存在释放后重用内存损坏,可能导致崩溃。
Description (English)
Mozilla Firefox and Mozilla Thunderbird are products of the Mozilla Foundation in the United States. Mozilla Firefox is an open-source Web browser. Mozilla Thunderbird is an independent email client from Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail formats. The previous version of Mozilla Firefox 144 and the previous version of Mozilla Thunderbird 144 had a resource management error loophole, which stemmed from post-release memory damage that could result from the release of re-entry damage when Web expanded on Windows to use raw API.
Hazard Level
Low
Vulnerability Type
资源管理错误
Affected Vendor
Mozilla
Published
2025-10-14
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-84/ https://bugzilla.mozilla.org/show_bug.cgi?id=1991950 https://www.mozilla.org/security/advisories/mfsa2025-81/
Share on: