MFSA-RESERVE-2025-7
First published: Tue Apr 29 2025(Updated: )
Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Thunderbird | <128.10 | 128.10 |
| Firefox ESR | <128.10 | 128.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of MFSA-RESERVE-2025-7?
MFSA-RESERVE-2025-7 has potential critical severity due to memory corruption that could allow for arbitrary code execution.
How do I fix MFSA-RESERVE-2025-7?
To fix MFSA-RESERVE-2025-7, update your Mozilla Thunderbird ESR or Firefox ESR to version 128.10.
What software is affected by MFSA-RESERVE-2025-7?
MFSA-RESERVE-2025-7 affects Mozilla Thunderbird ESR 128.9 and Firefox ESR 128.9.
Can MFSA-RESERVE-2025-7 be exploited?
Yes, MFSA-RESERVE-2025-7 shows evidence of memory corruption and could potentially be exploited to run arbitrary code.
Is there a workaround for MFSA-RESERVE-2025-7?
There are no specific workarounds for MFSA-RESERVE-2025-7; the best course of action is to apply the update to version 128.10.
- collector/mozilla-advisory
- source/Mozilla
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/references
- agent/source
- agent/tags
- agent/severity
- agent/description
- agent/first-publish-date
- agent/type
- agent/softwarecombine
- agent/event
- vendor/mozilla
- canonical/mozilla thunderbird
- canonical/firefox esr