Lucene search

MozillaCVE-2013-1679

HistoryMay 16, 2013 - 11:45 a.m.

CVE-2013-1679

2013-05-1611:45:30

CWE-399

mozilla

web.nvd.nist.gov

cve-2013-1679

mozilla

firefox

thunderbird

vulnerability

remote code execution

denial of service

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.6

Confidence

High

EPSS

0.083

Percentile

94.4%

JSON

Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Affected configurations

Nvd

Node

mozillafirefoxRange≤20.0.1

mozillafirefoxMatch19.0

mozillafirefoxMatch19.0.1

mozillafirefoxMatch19.0.2

mozillafirefoxMatch20.0

Node

mozillafirefox_esrMatch17.0

mozillafirefox_esrMatch17.0.1

mozillafirefox_esrMatch17.0.2

mozillafirefox_esrMatch17.0.3

mozillafirefox_esrMatch17.0.4

mozillafirefox_esrMatch17.0.5

Node

mozillathunderbirdRange≤17.0.5

mozillathunderbirdMatch17.0

mozillathunderbirdMatch17.0.1

mozillathunderbirdMatch17.0.2

mozillathunderbirdMatch17.0.3

mozillathunderbirdMatch17.0.4

Node

mozillathunderbird_esrMatch17.0

mozillathunderbird_esrMatch17.0.1

mozillathunderbird_esrMatch17.0.2

mozillathunderbird_esrMatch17.0.3

mozillathunderbird_esrMatch17.0.4

mozillathunderbird_esrMatch17.0.5

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox19.0cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
mozillafirefox19.0.1cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
mozillafirefox19.0.2cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
mozillafirefox20.0cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
mozillafirefox_esr17.0cpe:2.3:a:mozilla:firefox_esr:17.0:*:*:*:*:*:*:*
mozillafirefox_esr17.0.1cpe:2.3:a:mozilla:firefox_esr:17.0.1:*:*:*:*:*:*:*
mozillafirefox_esr17.0.2cpe:2.3:a:mozilla:firefox_esr:17.0.2:*:*:*:*:*:*:*
mozillafirefox_esr17.0.3cpe:2.3:a:mozilla:firefox_esr:17.0.3:*:*:*:*:*:*:*
mozillafirefox_esr17.0.4cpe:2.3:a:mozilla:firefox_esr:17.0.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox	19.0	cpe:2.3:a:mozilla:firefox:19.0:::::::*
mozilla	firefox	19.0.1	cpe:2.3:a:mozilla:firefox:19.0.1:::::::*
mozilla	firefox	19.0.2	cpe:2.3:a:mozilla:firefox:19.0.2:::::::*
mozilla	firefox	20.0	cpe:2.3:a:mozilla:firefox:20.0:::::::*
mozilla	firefox_esr	17.0	cpe:2.3:a:mozilla:firefox_esr:17.0:::::::*
mozilla	firefox_esr	17.0.1	cpe:2.3:a:mozilla:firefox_esr:17.0.1:::::::*
mozilla	firefox_esr	17.0.2	cpe:2.3:a:mozilla:firefox_esr:17.0.2:::::::*
mozilla	firefox_esr	17.0.3	cpe:2.3:a:mozilla:firefox_esr:17.0.3:::::::*
mozilla	firefox_esr	17.0.4	cpe:2.3:a:mozilla:firefox_esr:17.0.4:::::::*