CVE-2023-29536

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 112 Focus for Android versions prior to 112 Firefox ESR versions prior to 102.10 Firefox for Android versions prior to 112 Thunderbird versions prior to 102.10

Description An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. The issue is related to the incorrect freeing of a pointer, which can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. The vulnerability can be triggered by visiting a specially crafted web page, leading to memory corruption and potentially allowing the execution of arbitrary code.

Recommendations For Firefox versions prior to 112, update to version 112 or later. For Focus for Android versions prior to 112, update to version 112 or later. For Firefox ESR versions prior to 102.10, update to version 102.10 or later. For Firefox for Android versions prior to 112, update to version 112 or later. For Thunderbird versions prior to 102.10, update to version 102.10 or later.