Lucene search
Ubuntu.comUB:CVE-2013-1710HistoryAug 06, 2013 - 12:00 a.m.
CVE-2013-1710
2013-08-0600:00:00
ubuntu.com
ubuntu.com
21
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.927 High
EPSS
Percentile
99.0%
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0,
Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR
17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to
execute arbitrary JavaScript code or conduct cross-site scripting (XSS)
attacks via vectors related to Certificate Request Message Format (CRMF)
request generation.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | firefox | < 23.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | firefox | < 23.0+build2-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | firefox | < 23.0+build2-0ubuntu0.13.04.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 17.0.8+build1-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | thunderbird | < 17.0.8+build1-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | thunderbird | < 17.0.8+build1-0ubuntu0.13.04.1 | UNKNOWN |
References
Related
saint
saint
Firefox crypto.generateCRMFRequest command execution
2014-08-21 00:00:00
Firefox crypto.generateCRMFRequest command execution
2014-08-21 00:00:00
Firefox crypto.generateCRMFRequest command execution
2014-08-21 00:00:00
cvelist
cvelist
CVE-2013-1710
2013-08-07 01:00:00
mozilla
mozilla
CRMF requests allow for code execution and XSS attacks — Mozilla
2013-08-06 00:00:00
nvd
nvd
CVE-2013-1710
2013-08-07 01:55:04
cve
cve
CVE-2013-1710
2013-08-07 01:55:04
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2013-69) - Linux
2021-11-11 00:00:00
Debian Security Advisory DSA 2735-1 (iceweasel - several vulnerabilities)
2013-08-07 00:00:00
RedHat Update for thunderbird RHSA-2013:1142-01
2013-08-08 00:00:00
prion
prion
Cross site scripting
2013-08-07 01:55:00
zdt
zdt
Firefox toString console.time Privileged Javascript Injection Exploit
2014-08-18 00:00:00
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution Vulnerability
2013-12-24 00:00:00
metasploit
metasploit
Firefox toString console.time Privileged Javascript Injection
2014-08-15 20:17:37
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
2013-12-18 20:31:42
seebug
seebug
Mozilla Firefox/SeaMonkey/Thunderbird CRMF请求生成跨站脚本漏洞
2013-12-25 00:00:00
Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution
2014-07-01 00:00:00
Firefox toString console.time Privileged Javascript Injection
2014-08-20 00:00:00
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
Firefox 15.0.1 Code Execution
2013-12-23 00:00:00
Firefox toString console.time Privileged Javascript Injection
2014-08-18 00:00:00
exploitdb
exploitdb
nessus
nessus
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20130807)
2013-08-08 00:00:00
Oracle Linux 6 : thunderbird (ELSA-2013-1142)
2013-08-08 00:00:00
Debian DSA-2746-1 : icedove - several vulnerabilities
2013-08-30 00:00:00
centos
centos
thunderbird security update
2013-08-07 20:14:12
firefox, xulrunner security update
2013-08-07 11:33:09
veracode
veracode
Information Disclosure
2019-05-02 04:48:22
Cross Site Scripting (XSS)
2019-05-02 04:48:19
Cross Site Scripting (XSS)
2019-05-02 04:48:20
osv
osv
icedove - several
2013-08-29 00:00:00
iceweasel - several
2013-08-07 00:00:00
redhat
redhat
(RHSA-2013:1142) Important: thunderbird security update
2013-08-07 00:00:00
(RHSA-2013:1140) Critical: firefox security update
2013-08-07 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2013-08-07 00:00:00
Ubufox and Unity Firefox Extension update
2013-08-06 00:00:00
Firefox vulnerabilities
2013-08-06 00:00:00
mageia
mageia
Updated firefox and thunderbird packages fix security vulnerabilities
2013-08-12 17:54:58
Updated iceape packages fix many vulnerabilities
2013-11-21 00:16:49
debian
debian
[SECURITY] [DSA 2746-1] icedove security update
2013-08-29 17:36:06
[SECURITY] [DSA 2735-1] iceweasel security update
2013-08-07 14:14:06
oraclelinux
oraclelinux
firefox security update
2013-08-07 00:00:00
thunderbird security update
2013-08-07 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2013-08-27 08:04:16
Security update for Mozilla Firefox (important)
2013-08-23 05:04:11
Security update for Mozilla Firefox (important)
2013-08-14 00:04:15
ibm
ibm
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-08-06 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-08-12 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.927 High
EPSS
Percentile
99.0%
Related for UB:CVE-2013-1710