Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable801345.PRM
HistoryJan 15, 2013 - 12:00 a.m.

Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities

2013-01-1500:00:00
Tenable
www.tenable.com
21

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.971

Percentile

99.8%

JSON

Versions of Firefox 17.x are potentially affected by the following security issues :

  • Multiple, unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. (CVE-2012-5829, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771)

  • Two intermediate certificates were improperly issued by TURKTRUST certificate authority. (CVE-2013-0743)

  • A use-after-free error exists related to displaying HTML tables with many columns and column groups. (CVE-2013-0744)

  • An error exists related to the β€˜AutoWrapperChanger’ class that does not properly manage objects during garbage collection. (CVE-2012-0745)

  • An error exists related to β€˜jsval’, β€˜quickstubs’, and compartmental mismatches that can lead potentially exploitable crashes. (CVE-2013-0746)

  • Errors exist related to events in the plugin handler that can allow same-origin policy bypass. (CVE-2013-0747)

  • An error related to the β€˜toString’ method of XBL objects can lead to address information leakage. (CVE-2013-0748)

  • An unspecified memory corruption issue exists. (CVE-2013-0749, CVE-2013-0769, CVE-2013-0770)

  • A buffer overflow exists related to JavaScript string concatenation. (CVE-2013-0750)

  • An error exists related to multiple XML bindings with SVG content, contained in XBL files. (CVE-2013-0752)

  • A use-after-free error exists related to β€˜XMLSerializer’ and β€˜serializeToStream’. (CVE-2013-0753)

  • A use-after-free error exists related to garbage collection and β€˜ListenManager’. (CVE-2013-0754)

  • A use-after-free error exists related to the β€˜Vibrate’ library and β€˜domDoc’. (CVE-2013-0755)

  • A use-after-free error exists related to JavaScript β€˜Proxy’ objects. (CVE-2013-0756)

  • β€˜Chrome Object Wrappers’ (COW) can be bypassed by changing object prototypes and can allow arbitrary code execution. (CVE-2013-0757)

  • An error related to SVG elements and plugins can allow privilege escalation. (CVE-2013-0758)

  • An error exists related to the address bar that can allow URL spoofing attacks. (CVE-2013-0759)

  • An error exists related to SSL and threading that can result in potentially exploitable crashes. (CVE-2013-0764)

  • An error exists related to β€˜Canvas’ and bad height or width values passed to it from HTML. (CVE-2013-0768)

Binary data 801345.prm

References

Related

nessus 50
ubuntu 4
openvas 71
freebsd 1
suse 6
securityvulns 1
centos 3
veracode 4
redhat 3
oraclelinux 2
mozilla 4
fedora 3
metasploit 1
checkpoint_advisories 1
zdt 2
ibm 2
seebug 2
nvd 7
cve 7
cvelist 9
ubuntucve 7
prion 7
gentoo 1
zdi 1
nessus
nessus
Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities
2013-01-15 00:00:00
Mozilla SeaMonkey 2.x <= 2.14 Multiple Vulnerabilities
2013-01-15 00:00:00
SeaMonkey 2.14.x < 2.15 Multiple Vulnerabilities
2013-01-15 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2013-01-09 00:00:00
Firefox regression
2013-02-05 00:00:00
Firefox vulnerabilities
2013-01-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1681-1)
2013-01-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0292-1)
2021-06-09 00:00:00
Ubuntu Update for firefox USN-1681-1
2013-01-11 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-01-08 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2013-01-18 19:04:49
Security update for MozillaFirefox (important)
2013-02-13 23:04:32
Security update for MozillaFirefox (important)
2013-01-18 20:04:36
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-01-10 00:00:00
centos
centos
thunderbird security update
2013-01-09 05:51:41
firefox, xulrunner security update
2013-01-09 05:51:05
nspr, nss security update
2013-02-01 00:52:44
veracode
veracode
Memory Corruption
2019-05-02 04:45:41
Out-Of-Bounds Read
2019-05-02 04:45:40
Use-After-Free
2019-05-02 04:45:40
redhat
redhat
(RHSA-2013:0144) Critical: firefox security update
2013-01-08 00:00:00
(RHSA-2013:0145) Critical: thunderbird security update
2013-01-08 00:00:00
(RHSA-2013:0213) Important: nss, nss-util, and nspr security, bug fix, and enhancement update
2013-01-31 00:00:00
oraclelinux
oraclelinux
firefox security update
2013-01-08 00:00:00
thunderbird security update
2013-01-08 00:00:00
mozilla
mozilla
Use-after-free and buffer overflow issues found using Address Sanitizer β€” Mozilla
2013-01-08 00:00:00
Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2) β€” Mozilla
2013-01-08 00:00:00
Chrome Object Wrapper (COW) bypass through changing prototype β€” Mozilla
2013-01-08 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: seamonkey-2.15.1-1.fc18
2013-01-26 15:59:50
[SECURITY] Fedora 16 Update: seamonkey-2.15.1-1.fc16
2013-02-02 04:26:35
[SECURITY] Fedora 17 Update: seamonkey-2.15.1-1.fc17
2013-02-02 04:21:54
metasploit
metasploit
Firefox 17.0.1 Flash Privileged Code Injection
2013-05-16 04:52:51
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Flash Privileged Code Injection (CVE-2013-0757; CVE-2013-0758)
2013-06-27 00:00:00
zdt
zdt
Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection Exploit
2017-03-23 00:00:00
GIT 1.8.5.6 / 1.9.5 / 2.0.5 / 2.1.4/ 2.2.1 & Mercurial < 3.2.3 - Exploit
2017-03-23 00:00:00
ibm
ibm
Security Bulletin: Storwize V7000 Unified Update Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
seebug
seebug
IBM AIX 'getpwnam()'ζœ¬εœ°ζƒι™ζε‡ζΌζ΄ž(CVE-2012-0745)
2012-05-15 00:00:00
Mozilla Firefox mozilla::TrackUnionStream::EndTrackε †ι‡Šζ”ΎεŽι‡η”¨ζΌζ΄ž
2013-01-10 00:00:00
nvd
nvd
CVE-2012-0745
2012-05-04 16:55:01
CVE-2013-0761
2013-01-13 20:55:02
CVE-2013-0764
2013-01-13 20:55:02
cve
cve
CVE-2012-0745
2012-05-04 16:55:01
CVE-2013-0744
2013-01-13 20:55:01
CVE-2013-0770
2013-01-13 20:55:02
cvelist
cvelist
CVE-2012-0745
2012-05-04 16:00:00
CVE-2013-0757
2013-01-13 20:00:00
CVE-2013-0761
2013-01-13 20:00:00
ubuntucve
ubuntucve
CVE-2013-0757
2013-01-09 00:00:00
CVE-2013-0761
2013-01-09 00:00:00
CVE-2013-0759
2013-01-09 00:00:00
prion
prion
Design/Logic Flaw
2013-01-13 20:55:00
Design/Logic Flaw
2012-05-04 16:55:00
Design/Logic Flaw
2013-01-25 18:55:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00
zdi
zdi
Mozilla Firefox obj_toSource Use-After-Free Remote Code Execution Vulnerability
2013-03-22 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.971

Percentile

99.8%

JSON
Related for 801345.PRM
nessus50ubuntu4openvas71freebsd1suse6securityvulns1centos3veracode4redhat3oraclelinux2mozilla4fedora3metasploit1checkpoint_advisories1zdt2ibm2seebug2nvd7cve7cvelist9ubuntucve7prion7gentoo1zdi1