Lucene search

K

MozillaCVE-2013-0783

HistoryFeb 19, 2013 - 11:55 p.m.

CVE-2013-0783

2013-02-1923:55:01

mozilla

web.nvd.nist.gov

69

cve-2013-0783

mozilla

firefox

denial of service

memory corruption

remote code execution

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

9.9

Confidence

High

EPSS

0.017

Percentile

87.9%

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Affected configurations

Nvd

Node

mozillafirefoxRange<19.0

OR

mozillafirefox_esrRange<17.0.3

OR

mozillaseamonkeyRange<2.16

OR

mozillathunderbirdRange<17.0.3

OR

mozillathunderbird_esrRange<17.0.3

Node

opensuseopensuseMatch11.4

OR

opensuseopensuseMatch12.1

OR

opensuseopensuseMatch12.2

Node

redhatenterprise_linux_ausMatch5.9

OR

redhatenterprise_linux_desktopMatch5.0

OR

redhatenterprise_linux_desktopMatch6.0

OR

redhatenterprise_linux_eusMatch5.9

OR

redhatenterprise_linux_eusMatch6.3

OR

redhatenterprise_linux_serverMatch5.0

OR

redhatenterprise_linux_serverMatch6.0

OR

redhatenterprise_linux_workstationMatch5.0

OR

redhatenterprise_linux_workstationMatch6.0

Node

debiandebian_linuxMatch7.0

Node

canonicalubuntu_linuxMatch10.04-

OR

canonicalubuntu_linuxMatch11.10

OR

canonicalubuntu_linuxMatch12.04esm

OR

canonicalubuntu_linuxMatch12.10

References

lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html

lists.opensuse.org/opensuse-updates/2013-02/msg00062.html

rhn.redhat.com/errata/RHSA-2013-0271.html

rhn.redhat.com/errata/RHSA-2013-0272.html

www.debian.org/security/2013/dsa-2699

www.mozilla.org/security/announce/2013/mfsa2013-21.html

www.ubuntu.com/usn/USN-1729-1

www.ubuntu.com/usn/USN-1729-2

www.ubuntu.com/usn/USN-1748-1

bugzilla.mozilla.org/show_bug.cgi?id=690970

bugzilla.mozilla.org/show_bug.cgi?id=761448

bugzilla.mozilla.org/show_bug.cgi?id=780549

bugzilla.mozilla.org/show_bug.cgi?id=812380

bugzilla.mozilla.org/show_bug.cgi?id=818241

bugzilla.mozilla.org/show_bug.cgi?id=822858

bugzilla.mozilla.org/show_bug.cgi?id=826471

bugzilla.mozilla.org/show_bug.cgi?id=830399

bugzilla.mozilla.org/show_bug.cgi?id=830975

bugzilla.mozilla.org/show_bug.cgi?id=832162

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16219

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

9.9

Confidence

High

EPSS

0.017

Percentile

87.9%

Related for CVE-2013-0783

cvelist1 nvd1 veracode1 ubuntucve1 prion1 openvas61 mozilla1 nessus32 oraclelinux2 centos2 redhat2 freebsd1 suse4 ubuntu3 securityvulns1 debian1 ibm2 gentoo1