CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
90.6%
Versions of SeaMonkey earlier than 2.16 are potentially affected by multiple vulnerabilities :
Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)
An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)
An error exists related to ‘WebIDL’ object wrapping that has an unspecified impact. (CVE-2013-0765)
An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)
The file system location of the active browser profile could be disclosed and used in further attacks. (CVE-2013-0774)
A use-after-free error exists in the function ‘nsImageLoadingContent’. (CVE-2013-0775)
Spoofing HTTPS URLs is possible due to an error related to proxy ‘407’ responses and embedded script code. (CVE-2013-0776)
A heap-based use-after-free error exists in the function ‘nsDisplayBoxShadowOuter::Paint’. (CVE-2013-0777)
An out-of-bounds read error exists in the function ‘ClusterIterator::NextCluster’. (CVE-2013-0778)
An out-of-bounds read error exists in the function ‘nsCodingStateMachine::NextState’. (CVE-2013-0779)
A heap-based use-after-free error exists in the function ‘nsOverflowContinuationTracker::Finish’. (CVE-2013-0780)
A heap-based use-after-free error exists in the function ‘nsPrintEngine::CommonPrint’. (CVE-2013-0781)
A heap-based buffer overflow error exists in the function ‘nsSaveAsCharset::DoCharsetConversion’. (CVE-2013-0782)
Binary data 6693.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0765
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0775
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0777
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0779
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0781
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0784
www.mozilla.org/security/announce/2013/mfsa2013-21.html
www.mozilla.org/security/announce/2013/mfsa2013-22.html
www.mozilla.org/security/announce/2013/mfsa2013-23.html
www.mozilla.org/security/announce/2013/mfsa2013-24.html
www.mozilla.org/security/announce/2013/mfsa2013-25.html
www.mozilla.org/security/announce/2013/mfsa2013-26.html
www.mozilla.org/security/announce/2013/mfsa2013-27.html
www.mozilla.org/security/announce/2013/mfsa2013-28.html