Vulnerability identifier: #VU53706
Vulnerability risk: Low
Exploitation vector: Local
Exploit availability: No
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A locally-installed hostile program could send
WM_COPYDATA messages that Firefox would processing incorrectly and will result in out-of-bounds read.
Note, the vulnerability affects Windows installations only.
Install updates from vendor's website.
Vulnerable software versions
Mozilla Firefox: 60.0 - 88.0.1
Firefox ESR: 78.0 - 78.10.1, 68.0 - 68.12.0, 60.0 - 60.9.0
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?