10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.13 Low
EPSS
Percentile
95.5%
The Mozilla Project reports:
Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
Title: Memory corruption found using Address Sanitizer
Privileged content access and execution via XBL
Arbitrary code execution within Profiler
Execution of unmapped memory through onreadystatechange
Data in the body of XHR HEAD requests leads to CSRF attacks
SVG filters can lead to information disclosure
PreserveWrapper has inconsistent behavior
Sandbox restrictions not applied to nested frame elements
X-Frame-Options ignored when using server push with multi-part
responses
XrayWrappers can be bypassed to run user defined methods in a
privileged context
getUserMedia permission dialog incorrectly displays location
Homograph domain spoofing in .com, .net and .name
Inaccessible updater can lead to local privilege escalation
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | <ย 22.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | <ย 17.0.7,1 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | <ย 2.19 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | <ย 17.0.7 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | <ย 2.19 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | <ย 17.0.7 | UNKNOWN |
www.mozilla.org/security/announce/2013/mfsa2013-49.html
www.mozilla.org/security/announce/2013/mfsa2013-50.html
www.mozilla.org/security/announce/2013/mfsa2013-51.html
www.mozilla.org/security/announce/2013/mfsa2013-52.html
www.mozilla.org/security/announce/2013/mfsa2013-53.html
www.mozilla.org/security/announce/2013/mfsa2013-54.html
www.mozilla.org/security/announce/2013/mfsa2013-55.html
www.mozilla.org/security/announce/2013/mfsa2013-56.html
www.mozilla.org/security/announce/2013/mfsa2013-57.html
www.mozilla.org/security/announce/2013/mfsa2013-58.html
www.mozilla.org/security/announce/2013/mfsa2013-59.html
www.mozilla.org/security/announce/2013/mfsa2013-60.html
www.mozilla.org/security/announce/2013/mfsa2013-61.html
www.mozilla.org/security/announce/2013/mfsa2013-62.html
www.mozilla.org/security/known-vulnerabilities/