Mozilla Products Multiple Vulnerabilities

Release Date: 15 Oct 2025

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, data manipulation, security restriction bypass, remote code execution, spoofing and sensitive information disclosure on the targeted system.

---

Impact

• Information Disclosure
• Data Manipulation
• Security Restriction Bypass
• Remote Code Execution
• Spoofing
• Denial of Service

---

System / Technologies affected

Versions prior to:

 

• Firefox 144
• Firefox ESR 115.29
• Firefox ESR 140.4
• Thunderbird 140.4
• Thunderbird 144

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• Firefox 144
• Firefox ESR 115.29
• Firefox ESR 140.4
• Thunderbird 140.4
• Thunderbird 144

---

Vulnerability Identifier

• CVE-2025-11708
• CVE-2025-11709
• CVE-2025-11710
• CVE-2025-11711
• CVE-2025-11712
• CVE-2025-11713
• CVE-2025-11714
• CVE-2025-11715
• CVE-2025-11716
• CVE-2025-11717
• CVE-2025-11718
• CVE-2025-11719
• CVE-2025-11720
• CVE-2025-11721

---

Source

• Mozilla

---

Related Link

• https://www.mozilla.org/en-US/security/advisories/mfsa2025-81/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-82/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-83/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-84/
• https://www.mozilla.org/en-US/security/advisories/mfsa2025-85/