Paul Bone

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 142 Firefox ESR versions prior to 140.2 Thunderbird versions prior to 142 Thunderbird ESR versions prior to 140.2 Description: Memory safety bugs are present in the software, with some showing evidence of memory corruption. It is presumed that, with sufficient effort, some of these bugs could be exploited to run arbitrary code. Recommendations: Update Firefox to version 142 or later. Update Firefox ESR to version 140.2 or later. Update Thunderbird to version 142 or later. Update Thunderbird ESR to version 140.2 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions 124 and earlier Firefox ESR versions 115.9 and earlier Thunderbird versions 115.9 and earlier **Description** The issue is related to a memory safety bug that can cause memory corruption. It is presumed that with sufficient effort, this bug could be exploited to run arbitrary code. The vulnerability is also described as a buffer overflow issue when handling HTML content, which could allow a remote attacker to execute arbitrary code. **Recommendations** For Firefox version 124 and earlier, update to version 125 or later. For Firefox ESR version 115.9 and earlier, update to version 115.10 or later. For Thunderbird version 115.9 and earlier, update to version 115.10 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 124 **Description** The issue is related to memory safety bugs present in Firefox, which can lead to memory corruption. With enough effort, these bugs could potentially be exploited to run arbitrary code. This allows a remote attacker to execute malicious code without user knowledge or interaction. **Recommendations** For versions prior to 124, update to Firefox version 124 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive features or data until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 123 Firefox ESR versions prior to 115.8 Thunderbird versions prior to 115.8 **Description** The issue is related to memory safety bugs that can lead to memory corruption, potentially allowing a remote attacker to execute arbitrary code. Some of these bugs have shown evidence of memory corruption, and it is presumed that with enough effort, they could be exploited to run arbitrary code. **Recommendations** For Firefox versions prior to 123, update to version 123 or later to resolve the issue. For Firefox ESR versions prior to 115.8, update to version 115.8 or later to resolve the issue. For Thunderbird versions prior to 115.8, update to version 115.8 or later to resolve the issue.