Steven Crane

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 65 **Description** The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker using a specially crafted web page. This could potentially allow the execution of arbitrary code or cause a denial of service. The estimated number of potentially affected devices worldwide is not specified. There is evidence of memory corruption, and it is presumed that some of these bugs could be exploited with enough effort. **Recommendations** For versions prior to 65, update to version 65 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable web pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 65 Firefox ESR versions prior to 60.5 Thunderbird versions prior to 60.5 **Description** The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code. This is due to a buffer overflow in memory, allowing a remote attacker to cause a denial of service or execute arbitrary code using a specially crafted web page. **Recommendations** For Firefox versions prior to 65, update to version 65 or later. For Firefox ESR versions prior to 60.5, update to version 60.5 or later. For Thunderbird versions prior to 60.5, update to version 60.5 or later.