跳转到帖子

Red Hat: CVE-2025-1009: firefox: thunderbird: Use-after-free in XSLT (Multiple Advisories)

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Red Hat: CVE-2025-1009: firefox: thunderbird: Use-after-free in XSLT (Multiple Advisories)

Severity
9
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:C)
Published
02/04/2025
Created
02/11/2025
Added
02/10/2025
Modified
02/13/2025

Description

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

Solution(s)

  • redhat-upgrade-firefox
  • redhat-upgrade-firefox-debuginfo
  • redhat-upgrade-firefox-debugsource
  • redhat-upgrade-firefox-x11
  • redhat-upgrade-thunderbird
  • redhat-upgrade-thunderbird-debuginfo
  • redhat-upgrade-thunderbird-debugsource

References

  • CVE-2025-1009
  • RHSA-2025:1066
  • RHSA-2025:1137
  • RHSA-2025:1139
  • RHSA-2025:1140
  • RHSA-2025:1184
  • RHSA-2025:1283
  • RHSA-2025:1292
  • RHSA-2025:1317
  • RHSA-2025:1318
  • RHSA-2025:1340
View more
  • 引用
  • Mention
    • 查看数 707
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。

    游客
    回帖…
    转到主题列表