Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
The bug is located in the Responsive Design Mode component, a developer tool used to preview websites at various screen resolutions. The vulnerability allows an attacker to escape the isolated execution environment (sandbox), which normally restricts the capabilities of malicious code. The detailed technical mechanism has not been disclosed by the manufacturer (CWE: NVD-CWE-noinfo), however, the maximum CVSS vector indicates that the attack is possible remotely, without authentication and without user interaction, and the impact extends beyond the originally isolated application context.
An attacker can gain full control over the victim's system — including access to sensitive data, ability to modify files, and disruption of system operation — by breaking out of the isolation mechanisms of the browser or mail client.
The software must be updated immediately to the following versions: Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, or Thunderbird 140.9, in which the vulnerability has been patched by the manufacturer.
Mozilla Firefox versions before 149, Mozilla Firefox ESR versions before 115.34 and before 140.9, Mozilla Thunderbird versions before 149 and before 140.9.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HMozilla Firefox
APPMozilla< 115.34.0< 149.0128.0 – 140.9.0 (bez)Mozilla Thunderbird
APPMozilla< 140.9.0< 149.0
Related vulnerabilities
Use-after-free w Animation timelines Firefox/Thunderbird — RCE
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escap...
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes ...
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before...
Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we ...