Lucene search
HistoryApr 03, 2013 - 11:56 a.m.
CVE-2013-0792
cve-2013-0792
mozilla firefox
seamonkey
memory corruption
png rendering
color profiles
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
85.5%
Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
Affected configurations
Node
mozillafirefoxRange≤19.0.2
ORmozillafirefoxMatch19.0
ORmozillafirefoxMatch19.0.1
Node
mozillaseamonkeyRange≤2.17beta4
ORmozillaseamonkeyMatch2.0
ORmozillaseamonkeyMatch2.0alpha_1
ORmozillaseamonkeyMatch2.0alpha_2
ORmozillaseamonkeyMatch2.0alpha_3
ORmozillaseamonkeyMatch2.0beta_1
ORmozillaseamonkeyMatch2.0beta_2
ORmozillaseamonkeyMatch2.0rc1
ORmozillaseamonkeyMatch2.0rc2
ORmozillaseamonkeyMatch2.0.1
ORmozillaseamonkeyMatch2.0.2
ORmozillaseamonkeyMatch2.0.3
ORmozillaseamonkeyMatch2.0.4
ORmozillaseamonkeyMatch2.0.5
ORmozillaseamonkeyMatch2.0.6
ORmozillaseamonkeyMatch2.0.7
ORmozillaseamonkeyMatch2.0.8
ORmozillaseamonkeyMatch2.0.9
ORmozillaseamonkeyMatch2.0.10
ORmozillaseamonkeyMatch2.0.11
ORmozillaseamonkeyMatch2.0.12
ORmozillaseamonkeyMatch2.0.13
ORmozillaseamonkeyMatch2.0.14
ORmozillaseamonkeyMatch2.1
ORmozillaseamonkeyMatch2.1alpha1
ORmozillaseamonkeyMatch2.1alpha2
ORmozillaseamonkeyMatch2.1alpha3
ORmozillaseamonkeyMatch2.1beta1
ORmozillaseamonkeyMatch2.1beta2
ORmozillaseamonkeyMatch2.1beta3
ORmozillaseamonkeyMatch2.1rc1
ORmozillaseamonkeyMatch2.1rc2
ORmozillaseamonkeyMatch2.2
ORmozillaseamonkeyMatch2.2beta1
ORmozillaseamonkeyMatch2.2beta2
ORmozillaseamonkeyMatch2.2beta3
ORmozillaseamonkeyMatch2.3
ORmozillaseamonkeyMatch2.3beta1
ORmozillaseamonkeyMatch2.3beta2
ORmozillaseamonkeyMatch2.3beta3
ORmozillaseamonkeyMatch2.3.1
ORmozillaseamonkeyMatch2.3.2
ORmozillaseamonkeyMatch2.3.3
ORmozillaseamonkeyMatch2.4
ORmozillaseamonkeyMatch2.4beta1
ORmozillaseamonkeyMatch2.4beta2
ORmozillaseamonkeyMatch2.4beta3
ORmozillaseamonkeyMatch2.4.1
ORmozillaseamonkeyMatch2.5
ORmozillaseamonkeyMatch2.5beta1
ORmozillaseamonkeyMatch2.5beta2
ORmozillaseamonkeyMatch2.5beta3
ORmozillaseamonkeyMatch2.5beta4
ORmozillaseamonkeyMatch2.6
ORmozillaseamonkeyMatch2.6beta1
ORmozillaseamonkeyMatch2.6beta2
ORmozillaseamonkeyMatch2.6beta3
ORmozillaseamonkeyMatch2.6beta4
ORmozillaseamonkeyMatch2.6.1
ORmozillaseamonkeyMatch2.7
ORmozillaseamonkeyMatch2.7beta1
ORmozillaseamonkeyMatch2.7beta2
ORmozillaseamonkeyMatch2.7beta3
ORmozillaseamonkeyMatch2.7beta4
ORmozillaseamonkeyMatch2.7beta5
ORmozillaseamonkeyMatch2.7.1
ORmozillaseamonkeyMatch2.7.2
ORmozillaseamonkeyMatch2.8
ORmozillaseamonkeyMatch2.8beta1
ORmozillaseamonkeyMatch2.8beta2
ORmozillaseamonkeyMatch2.8beta3
ORmozillaseamonkeyMatch2.8beta4
ORmozillaseamonkeyMatch2.8beta5
ORmozillaseamonkeyMatch2.8beta6
ORmozillaseamonkeyMatch2.9
ORmozillaseamonkeyMatch2.9beta1
ORmozillaseamonkeyMatch2.9beta2
ORmozillaseamonkeyMatch2.9beta3
ORmozillaseamonkeyMatch2.9beta4
ORmozillaseamonkeyMatch2.9.1
ORmozillaseamonkeyMatch2.10
ORmozillaseamonkeyMatch2.10beta1
ORmozillaseamonkeyMatch2.10beta2
ORmozillaseamonkeyMatch2.10beta3
ORmozillaseamonkeyMatch2.10.1
ORmozillaseamonkeyMatch2.11
ORmozillaseamonkeyMatch2.11beta1
ORmozillaseamonkeyMatch2.11beta2
ORmozillaseamonkeyMatch2.11beta3
ORmozillaseamonkeyMatch2.11beta4
ORmozillaseamonkeyMatch2.11beta5
ORmozillaseamonkeyMatch2.11beta6
ORmozillaseamonkeyMatch2.12
ORmozillaseamonkeyMatch2.12beta1
ORmozillaseamonkeyMatch2.12beta2
ORmozillaseamonkeyMatch2.12beta3
ORmozillaseamonkeyMatch2.12beta4
ORmozillaseamonkeyMatch2.12beta5
ORmozillaseamonkeyMatch2.12beta6
ORmozillaseamonkeyMatch2.12.1
ORmozillaseamonkeyMatch2.13
ORmozillaseamonkeyMatch2.13beta1
ORmozillaseamonkeyMatch2.13beta2
ORmozillaseamonkeyMatch2.13beta3
ORmozillaseamonkeyMatch2.13beta4
ORmozillaseamonkeyMatch2.13beta5
ORmozillaseamonkeyMatch2.13beta6
ORmozillaseamonkeyMatch2.13.1
ORmozillaseamonkeyMatch2.13.2
ORmozillaseamonkeyMatch2.14
ORmozillaseamonkeyMatch2.14beta1
ORmozillaseamonkeyMatch2.14beta2
ORmozillaseamonkeyMatch2.14beta3
ORmozillaseamonkeyMatch2.14beta4
ORmozillaseamonkeyMatch2.14beta5
ORmozillaseamonkeyMatch2.15
ORmozillaseamonkeyMatch2.15beta1
ORmozillaseamonkeyMatch2.15beta2
ORmozillaseamonkeyMatch2.15beta3
ORmozillaseamonkeyMatch2.15beta4
ORmozillaseamonkeyMatch2.15beta5
ORmozillaseamonkeyMatch2.15beta6
ORmozillaseamonkeyMatch2.15.1
ORmozillaseamonkeyMatch2.15.2
ORmozillaseamonkeyMatch2.16
ORmozillaseamonkeyMatch2.16beta1
ORmozillaseamonkeyMatch2.16beta2
ORmozillaseamonkeyMatch2.16beta3
ORmozillaseamonkeyMatch2.16beta4
ORmozillaseamonkeyMatch2.16beta5
ORmozillaseamonkeyMatch2.16.1
ORmozillaseamonkeyMatch2.16.2
ORmozillaseamonkeyMatch2.17beta1
ORmozillaseamonkeyMatch2.17beta2
ORmozillaseamonkeyMatch2.17beta3
| CPE | Name | Operator | Version |
|---|---|---|---|
| mozilla:firefox | mozilla firefox | le | 19.0.2 |
| mozilla:firefox | mozilla firefox | eq | 19.0 |
| mozilla:firefox | mozilla firefox | eq | 19.0.1 |
References
lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html
lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html
lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html
lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html
lists.opensuse.org/opensuse-updates/2013-06/msg00012.html
www.mozilla.org/security/announce/2013/mfsa2013-39.html
bugzilla.mozilla.org/show_bug.cgi?id=722831
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17021
Related
ubuntucve
ubuntucve
CVE-2013-0792
2013-04-03 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2013-39) - Linux
2021-11-11 00:00:00
Ubuntu: Security Advisory (USN-1786-2)
2013-04-05 00:00:00
Mozilla SeaMonkey Multiple Vulnerabilities -01 (Apr 2013) - Windows
2013-04-08 00:00:00
mozilla
mozilla
Memory corruption while rendering grayscale PNG images — Mozilla
2013-04-02 00:00:00
nvd
nvd
CVE-2013-0792
2013-04-03 11:56:21
prion
prion
Memory corruption
2013-04-03 11:56:00
cvelist
cvelist
CVE-2013-0792
2013-04-03 10:00:00
nessus
nessus
openSUSE Security Update : seamonkey (openSUSE-SU-2013:0875-1)
2014-06-13 00:00:00
Firefox < 20 Multiple Vulnerabilities (Mac OS X)
2013-04-04 00:00:00
Thunderbird < 17.0.5 Multiple Vulnerabilities (Mac OS X)
2013-04-04 00:00:00
ubuntu
ubuntu
Unity Firefox Extension update
2013-04-04 00:00:00
Firefox vulnerabilities
2013-04-04 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2013-05-31 19:04:12
Mozilla Firefox and others: Update to 20.0/17.0.5 releases (important)
2013-04-05 18:06:10
Security update for Mozilla Firefox (important)
2013-05-28 21:04:38
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-04-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-04-02 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
85.5%
Related for CVE-2013-0792