April 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Dell ECS Vulnerabilities
April 24, 2025Multiple Juniper Networks Products Vulnerabilities
April 24, 2025Multiple Dell ECS Vulnerabilities
April 24, 2025Multiple Juniper Networks Products Vulnerabilities
April 24, 2025
Severity
High
Analysis Summary
CVE-2025-23109 CVSS:6.5
Mozilla Firefox for iOS could allow a remote attacker to conduct spoofing attacks, caused by an error when using long hostnames in URLs. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the address bar.
CVE-2025-23108 CVSS:6.5
Mozilla Firefox for iOS could allow a remote attacker to conduct spoofing attacks, caused by an error when opening Javascript links in a new tab via long-press. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL of the new tab.
CVE-2025-0240 CVSS:6.5
Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by a compartment mismatch when parsing JavaScript JSON module. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions.
Impact
- Security Bypass
- Gain Access
Indicators of Compromise
CVE
CVE-2025-23109
CVE-2025-23108
CVE-2025-0240
Affected Vendors
Mozilla
Affected Products
- Mozilla Firefox for iOS - 133
- Mozilla Firefox - 133.0
- Mozilla Firefox ESR - 128.5
Remediation
Upgrade to the latest version of Firefox, available from the Mozilla Website.
