Mozilla Products Multiple Vulnerabilities

Release Date: 5 Feb 2025

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, spoofing and data manipulation on the targeted system.

---

Impact

• Remote Code Execution
• Denial of Service
• Data Manipulation
• Spoofing

---

System / Technologies affected

Versions prior to:

 

• Firefox 135
• Firefox ESR 115.20
• Firefox ESR 128.7
• Thunderbird 115.20
• Thunderbird 128.7
• Thunderbird 135
• Thunderbird ESR 128.7

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• Firefox 135
• Firefox ESR 115.20
• Firefox ESR 128.7
• Thunderbird 115.20
• Thunderbird 128.7
• Thunderbird 135
• Thunderbird ESR 128.7

---

Vulnerability Identifier

• CVE-2024-11704
• CVE-2024-49040
• CVE-2025-0510
• CVE-2025-1009
• CVE-2025-1010
• CVE-2025-1011
• CVE-2025-1012
• CVE-2025-1013
• CVE-2025-1014
• CVE-2025-1015
• CVE-2025-1016
• CVE-2025-1017
• CVE-2025-1018
• CVE-2025-1019
• CVE-2025-1020

---

Source

• Mozilla

---

Related Link

• https://www.mozilla.org/en-US/security/advisories/mfsa2025-07/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-08/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-09/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-10/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-11/