PT-2025-18162 · Mozilla+11 · Firefox Esr+12

Andrew Mccreight

·

Published

2025-04-29

·

Updated

2026-04-14

·

CVE-2025-4093

CVSS v3.1

8.1

High

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox ESR versions 128.9 and earlier Thunderbird ESR versions 128.9 and earlier
Description A memory safety bug is present, showing evidence of memory corruption. It is presumed that with enough effort, this could be exploited to run arbitrary code.
Recommendations For Firefox ESR version 128.9 and earlier, update to version 128.10 or later. For Thunderbird ESR version 128.9 and earlier, update to version 128.10 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2025:4443
ALSA-2025:4458
ALSA-2025:4460
ALSA-2025:4797
ALSA-2025:7428
ALSA-2025:7506
ALSA-2025:7507
ALT-PU-2025-6254
ALT-PU-2025-7022
ALT-PU-2025-7695
BDU:2025-06660
CESA-2025_4458
CESA-2025_4797
CVE-2025-4093
DLA-4167-1
DLA-4172-1
DSA-5910-1
DSA-5912-1
INFSA-2025_4443
INFSA-2025_4458
INFSA-2025_4460
INFSA-2025_4797
INFSA-2025_7428
MGASA-2025-0150
MGASA-2025-0151
OESA-2025-1486
OESA-2025-1487
OESA-2025-1488
OESA-2025-1489
OESA-2025-1835
OPENSUSE-SU-2025:15042-1
OPENSUSE-SU-2025_1436-1
OPENSUSE-SU-2025_1506-1
RHSA-2025:4443
RHSA-2025:4458
RHSA-2025:4460
RHSA-2025:4751
RHSA-2025:4752
RHSA-2025:4753
RHSA-2025:4756
RHSA-2025:4797
RHSA-2025:7428
RHSA-2025:7506
RHSA-2025:7507
RHSA-2025:7543
RHSA-2025:7544
RHSA-2025:7545
RHSA-2025:7547
RHSA-2025:7689
RHSA-2025:7690
RHSA-2025:7691
RHSA-2025:7692
RHSA-2025:7693
RHSA-2025:7694
RHSA-2025:7695
RHSA-2025_4443
RHSA-2025_4458
RHSA-2025_4460
RHSA-2025_4797
RHSA-2025_7428
SUSE-SU-2025:1436-1
SUSE-SU-2025:1506-1
USN-7663-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird Esr
Ubuntu