SB2025052751 - Multiple vulnerabilities in Mozilla Firefox
Published: May 27, 2025 Updated: May 27, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 11 vulnerabilities.
1) Double free (CVE-ID: CVE-2025-5262)
CWE-ID: CWE-415 - Double Free
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the vpx_codec_enc_init_multi() function in libvpx encoder for WebRTC. A remote attacker can trick the victim into visiting a specially crafted website, trigger a double free error and execute arbitrary code on the target system.
2) Improper error handling (CVE-ID: CVE-2025-5263)
CWE-ID: CWE-388 - Error Handling
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to error handling for script execution is not correctly isolated from the web content. A remote attacker can trick the victim into opening a specially crafted website and obtain certain information cross-origin.
3) Input validation error (CVE-ID: CVE-2025-5264)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input within the "Copy as cURL" feature. A remote attacker can trick the victim into copying a specially crafted URL, trick the victim into using this command and execute arbitrary commands on the system.
4) Input validation error (CVE-ID: CVE-2025-5265)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input within the "Copy as cURL" feature. A remote attacker can trick the victim into copying a specially crafted URL, trick the victim into using this command and execute arbitrary commands on the system.
The vulnerability affects Windows installations only.
5) Buffer overflow (CVE-ID: CVE-2025-5272)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
6) Information disclosure (CVE-ID: CVE-2025-5266)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to script elements loading cross-origin resources generated load and error
events, which leaked information. A remote attacker can gain access to sensitive information.
7) Cleartext transmission of sensitive information (CVE-ID: CVE-2025-5270)
CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information
CVSSv4: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to software does not always encrypt SNI even when encrypted DNS was enabled. A remote attacker with ability to intercept network traffic can gain access to sensitive data.
8) Protection Mechanism Failure (CVE-ID: CVE-2025-5271)
CWE-ID: CWE-693 - Protection Mechanism Failure
CVSSv4: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to Devtools ignores CSP headers when previewing content. A remote attacker can perform content injection attacks.
9) Buffer overflow (CVE-ID: CVE-2025-5269)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
10) Buffer overflow (CVE-ID: CVE-2025-5268)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
11) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2025-5267)
CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations
CVSSv4: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform clickjacking attacks.
The vulnerability exists due to an error in the UI that can lead to information disclosure. A remote attacker can perform a clickjacking attack and trick a user into leaking saved payment card details to a malicious page.
Remediation
Install update from vendor's website.
References
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-43/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-44/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-42/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1962421
- https://bugzilla.mozilla.org/show_bug.cgi?id=1960745
- https://bugzilla.mozilla.org/show_bug.cgi?id=1950001
- https://bugzilla.mozilla.org/show_bug.cgi?id=1962301
- https://www.mozilla.org/security/advisories/mfsa2025-42/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1726254
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1742738
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1960121
- https://bugzilla.mozilla.org/show_bug.cgi?id=1965628
- https://www.mozilla.org/security/advisories/mfsa2025-44/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1910298
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920348
- https://bugzilla.mozilla.org/show_bug.cgi?id=1924108
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1958121
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1960499
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1962634
- https://bugzilla.mozilla.org/show_bug.cgi?id=1954137