Akmat Suleimanov

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 135 Firefox ESR versions prior to 115.20 Firefox ESR versions prior to 128.7 Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 **Description** Memory safety bugs have been detected in Firefox and Thunderbird, showing evidence of memory corruption. It is presumed that with enough effort, some of these bugs could have been exploited to run arbitrary code. **Recommendations** For Firefox versions prior to 135, update to version 135 or later. For Firefox ESR versions prior to 115.20, update to version 115.20 or later. For Firefox ESR versions prior to 128.7, update to version 128.7 or later. For Thunderbird versions prior to 128.7, update to version 128.7 or later. For Thunderbird versions prior to 135, update to version 135 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 134.0.2 Firefox ESR versions prior to 140.4.0 Thunderbird versions prior to 138.0 Thunderbird versions prior to 137.0 **Description** The software is affected by memory safety flaws that could allow for arbitrary code execution. These flaws may lead to memory corruption, potentially enabling an attacker to exploit the system by tricking a user into opening a specially crafted website. No information is available regarding the number of potentially affected devices or real-world incidents. The issue involves a failure to properly validate buffer sizes during data copying operations. **Recommendations** Update Firefox to version 134.0.2 or later. Update Firefox ESR to version 140.4.0 or later. Update Thunderbird to version 138.0 or later. Update Thunderbird to version 137.0 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 133 Firefox ESR versions prior to 128.5 Thunderbird versions prior to 133 Thunderbird versions prior to 128.5 **Description** The issue is related to memory safety bugs that have been identified in Firefox, Firefox ESR, and Thunderbird. Some of these bugs showed evidence of memory corruption, and it is presumed that with enough effort, some of these could have been exploited to run arbitrary code. The vulnerability affects versions prior to the specified fixed versions. **Recommendations** For Firefox versions prior to 133, update to version 133 or later. For Firefox ESR versions prior to 128.5, update to version 128.5 or later. For Thunderbird versions prior to 133, update to version 133 or later. For Thunderbird versions prior to 128.5, update to version 128.5 or later.