CRITICAL🇵🇱 Wersja polska

CVE-2025-1942

CVSS 9.8v3.1pub. 2025-03-04upd. 2026-04-13

When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability was fixed in Firefox 136 and Thunderbird 136.

🤖 AI Analysis
How it works

When the String.toUpperCase() operation causes a string to expand (which occurs for some Unicode characters whose uppercase equivalents take up more space), the JavaScript engine does not properly initialize the entire required memory buffer. As a result, a fragment of uninitialized memory may be included in the resulting string (CWE-908: Use of Uninitialized Resource). An attacker could potentially exploit this mechanism through a crafted website or email message containing appropriate JavaScript code.

Impact

An attacker can gain access to sensitive data stored in uninitialized memory of the browser or mail client process, and in the worst case scenario — lead to a breach of application integrity or availability.

Mitigation & patch

Mozilla Firefox should be updated to version 136 or later and Mozilla Thunderbird to version 136 or later. Patches are available directly from the vendor according to MFSA2025-14 and MFSA2025-17 references.

Who is affected

Mozilla Firefox versions prior to 136 and Mozilla Thunderbird versions prior to 136.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mozilla Firefox

    APP
    Mozilla
    < 136.0
  • Mozilla Thunderbird

    APP
    Mozilla
    < 136.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-9680CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Use-after-free w Animation timelines Firefox/Thunderbird — RCE

CVE-2022-26486CRITICAL9.6⚠ KEVten sam produkt

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escap...

CVE-2019-11708CRITICAL10.0⚠ KEVten sam produkt

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes ...

CVE-2010-3765CRITICAL9.8⚠ KEVten sam produkt

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before...

CVE-2026-14241CRITICAL9.8ten sam produkt

Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we ...