Описание
An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. This vulnerability affects Firefox ESR < 115.23.1.
An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. This vulnerability affects Firefox ESR < 115.23.1.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-4918
- https://bugzilla.mozilla.org/show_bug.cgi?id=1966612
- https://www.mozilla.org/security/advisories/mfsa2025-36
- https://www.mozilla.org/security/advisories/mfsa2025-37
- https://www.mozilla.org/security/advisories/mfsa2025-38
- https://www.mozilla.org/security/advisories/mfsa2025-40
- https://www.mozilla.org/security/advisories/mfsa2025-41
- https://www.vicarius.io/vsociety/posts/cve-2025-4918-detect-firefox-out-of-bounds-write
- https://www.vicarius.io/vsociety/posts/cve-2025-4918-mitigate-firefox-out-of-bounds-write
Связанные уязвимости
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
An attacker was able to perform an out-of-bounds read or write on a Ja ...
Уязвимость обработчика JavaScript-сценариев браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании