Command and Control
A locally-installed hostile program could send
WM_COPYDATA messages that Firefox would process incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.