- Description
- Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Thunderbird < 139.
- Source
- security@mozilla.org
- NVD status
- Modified
CVSS 3.1
- Type
- Secondary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
- Hype score
- Not currently trending
🚨 High-severity memory flaw in Firefox & Thunderbird <139 (CVE-2025-5272) could enable arbitrary code execution. Update now to stay secure. More details: https://t.co/FsDfre382T #CyberSecurity #Firefox #ThreatIntel #CVE2025
@threatsbank
28 May 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5272 Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of th… https://t.co/CiHX3uv5xW
@CVEnew
27 May 2025
304 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82C74587-41B7-49DB-8B9D-99DE41506023",
"versionEndExcluding": "139.0"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BC51636-40B4-4FB9-975F-CBF61A91A8AC",
"versionEndExcluding": "139.0"
}
],
"operator": "OR"
}
]
}
]