Mozilla Thunderbird 141 Security Advisory: Memory Corruption, XSS, DNS Rebinding (CVE-2025-8027, 8029, 8038)

Critical Vulnerability Information Vulnerability Overview Advisory ID: Mozilla Foundation Security Advisory 2025-61 Affected Product: Thunderbird 141 Release Date: Not specified Vulnerability Details 1. CVE-2025-8027: JavaScript Engine Writes Partial Return Values to Stack - Severity: Medium - Description: In the JavaScript engine, when handling certain types of function calls, partial return values may be incorrectly written to the stack, potentially leading to memory corruption. 2. CVE-2025-8038: Large Branch Table May Cause Instruction Truncation - Severity: Medium - Description: When processing large branch tables, instructions may be truncated, potentially causing unexpected program behavior or crashes. 3. CVE-2025-8029: JavaScript URLs Executed in and Tags - Severity: High - Description: Under certain conditions, JavaScript URLs can be executed within and tags, potentially leading to Cross-Site Scripting (XSS) attacks. 4. CVE-2025-B036: DNS Rebinding Bypasses CORS - Severity: High - Description: Attackers can exploit DNS rebinding techniques to bypass CORS restrictions, enabling access to protected resources. 5. CVE-2025-8037: Nameless Cookies Overwrite Secure Cookies - Severity: Medium - Description: In some cases, nameless cookies may overwrite secure cookies, potentially leading to session hijacking or other security issues. 6. CVE-2025-8030: Potential User-Assisted Code Execution in "Copy as cURL" Command - Severity: Medium - Description: When using the "Copy as cURL" feature, if malicious data is input by the user, it may lead to code execution. 7. CVE-2025-8043: Incorrect URL Truncation - Severity: Low - Description: When processing certain URLs, incorrect truncation may occur, leading to unintended behavior. 8. CVE-2025-8031: Incorrect URL Stripping in CSP Reports - Severity: Low - Description: In CSP reports, URLs may be incorrectly stripped, leading to inaccurate reporting. 9. CVE-2025-8022: XSLT Documents Can Bypass CSP - Severity: High - Description: In certain scenarios, XSLT documents can bypass CSP restrictions, potentially leading to security issues. 10. CVE-2025-8035: CSP frame-src Incorrectly Enforces Path Restrictions - Severity: Medium - Description: The CSP frame-src directive incorrectly enforces path restrictions, potentially allowing content to be embedded from untrusted sources. 11. CVE-2025-8039: Search Terms Retained in URL Bar - Severity: Low - Description: User search terms may remain in the URL bar even after navigating away from the page. 12. CVE-2025-8033: Incorrect JavaScript State Machine for Generators - Severity: Medium - Description: When handling generators, the JavaScript state machine may contain errors, potentially leading to unexpected behavior. 13. CVE-2025-8044: Memory Safety Vulnerabilities in Firefox 141 and Thunderbird 141 - Severity: High - Description: Multiple memory safety vulnerabilities exist in Firefox 141 and Thunderbird 141, potentially leading to memory corruption and other security issues. 14. CVE-2025-8040: Memory Safety Vulnerabilities in Firefox ESR 140.3, Thunderbird ESR 140.1, Firefox 141, and Thunderbird 141 - Severity: High - Description: Multiple memory safety vulnerabilities exist in Firefox ESR 140.3, Thunderbird ESR 140.1, Firefox 141, and Thunderbird 141, potentially leading to memory corruption and other security issues. 15. CVE-2025-8035: Memory Safety Vulnerabilities in Firefox ESR 128.13, Thunderbird ESR 140.1, Firefox 141, and Thunderbird 141 - Severity: High - Description: Multiple memory safety vulnerabilities exist in Firefox ESR 128.13, Thunderbird ESR 140.1, Firefox 141, and Thunderbird 141, potentially leading to memory corruption and other security issues.

Goal Reached Thanks to every supporter — we hit 100%!

Mozilla Thunderbird 141 Security Advisory: Memory Corruption, XSS, DNS Rebinding (CVE-2025-8027, 8029, 8038)

More from this source