CVE-2025-4919
Vulnerability related to out-of-bounds read or write on a JavaScript object in Firefox.
Overview
This is an exploitable vulnerability where an attacker can perform out-of-bounds read or write operations on a JavaScript object in older versions of Firefox by confusing array index sizes.
Technical Details
The issue is linked to incorrect handling of array index sizes in JavaScript, allowing an attacker to perform out-of-bounds read or write operations. It affects Firefox versions before 138.0.4, Firefox ESR before 128.10.1, and Firefox ESR before 115.23.1.
CVSS Metrics
Metrics were not provided in the CVE data.
Impact
The impact of exploiting this vulnerability could be severe, as it could potentially lead to unauthorized data access, data corruption, or even system takeover.
Recommendations
To mitigate this vulnerability, it is recommended to update the Firefox browser to the latest version. If unable to do so, users should limit the use of JavaScript content from untrusted sources.
Threat Metrics
Given CVE data does not provide enough information regarding CVSS/threat metrics.
Related CWEs
No related CWEs were provided in the CVE data.