Lucene search

[email protected]CVE-2013-1732

HistorySep 18, 2013 - 10:08 a.m.

CVE-2013-1732

2013-09-1810:08:24

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-1732

buffer overflow

mozilla firefox

thunderbird

seamonkey

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.7 High

AI Score

Confidence

High

0.174 Low

EPSS

Percentile

96.1%

JSON

Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.

Affected configurations

NVD

Node

mozillafirefoxRange≤23.0.1

mozillafirefoxMatch19.0

mozillafirefoxMatch19.0.1

mozillafirefoxMatch19.0.2

mozillafirefoxMatch20.0

mozillafirefoxMatch20.0.1

mozillafirefoxMatch21.0

mozillafirefoxMatch22.0

mozillafirefoxMatch23.0

Node

mozillafirefox_esrMatch17.0

mozillafirefox_esrMatch17.0.1

mozillafirefox_esrMatch17.0.2

mozillafirefox_esrMatch17.0.3

mozillafirefox_esrMatch17.0.4

mozillafirefox_esrMatch17.0.5

mozillafirefox_esrMatch17.0.6

mozillafirefox_esrMatch17.0.7

mozillafirefox_esrMatch17.0.8

Node

mozillaseamonkeyRange≤2.20

mozillaseamonkeyMatch2.0

mozillaseamonkeyMatch2.0alpha_1

mozillaseamonkeyMatch2.0alpha_2

mozillaseamonkeyMatch2.0alpha_3

mozillaseamonkeyMatch2.0beta_1

mozillaseamonkeyMatch2.0beta_2

mozillaseamonkeyMatch2.0rc1

mozillaseamonkeyMatch2.0rc2

mozillaseamonkeyMatch2.0.1

mozillaseamonkeyMatch2.0.2

mozillaseamonkeyMatch2.0.3

mozillaseamonkeyMatch2.0.4

mozillaseamonkeyMatch2.0.5

mozillaseamonkeyMatch2.0.6

mozillaseamonkeyMatch2.0.7

mozillaseamonkeyMatch2.0.8

mozillaseamonkeyMatch2.0.9

mozillaseamonkeyMatch2.0.10

mozillaseamonkeyMatch2.0.11

mozillaseamonkeyMatch2.0.12

mozillaseamonkeyMatch2.0.13

mozillaseamonkeyMatch2.0.14

mozillaseamonkeyMatch2.1

mozillaseamonkeyMatch2.1alpha1

mozillaseamonkeyMatch2.1alpha2

mozillaseamonkeyMatch2.1alpha3

mozillaseamonkeyMatch2.1beta1

mozillaseamonkeyMatch2.1beta2

mozillaseamonkeyMatch2.1beta3

mozillaseamonkeyMatch2.1rc1

mozillaseamonkeyMatch2.1rc2

mozillaseamonkeyMatch2.10

mozillaseamonkeyMatch2.10beta1

mozillaseamonkeyMatch2.10beta2

mozillaseamonkeyMatch2.10beta3

mozillaseamonkeyMatch2.10.1

mozillaseamonkeyMatch2.11

mozillaseamonkeyMatch2.11beta1

mozillaseamonkeyMatch2.11beta2

mozillaseamonkeyMatch2.11beta3

mozillaseamonkeyMatch2.11beta4

mozillaseamonkeyMatch2.11beta5

mozillaseamonkeyMatch2.11beta6

mozillaseamonkeyMatch2.12

mozillaseamonkeyMatch2.12beta1

mozillaseamonkeyMatch2.12beta2

mozillaseamonkeyMatch2.12beta3

mozillaseamonkeyMatch2.12beta4

mozillaseamonkeyMatch2.12beta5

mozillaseamonkeyMatch2.12beta6

mozillaseamonkeyMatch2.12.1

mozillaseamonkeyMatch2.13

mozillaseamonkeyMatch2.13beta1

mozillaseamonkeyMatch2.13beta2

mozillaseamonkeyMatch2.13beta3

mozillaseamonkeyMatch2.13beta4

mozillaseamonkeyMatch2.13beta5

mozillaseamonkeyMatch2.13beta6

mozillaseamonkeyMatch2.13.1

mozillaseamonkeyMatch2.13.2

mozillaseamonkeyMatch2.14

mozillaseamonkeyMatch2.14beta1

mozillaseamonkeyMatch2.14beta2

mozillaseamonkeyMatch2.14beta3

mozillaseamonkeyMatch2.14beta4

mozillaseamonkeyMatch2.14beta5

mozillaseamonkeyMatch2.15

mozillaseamonkeyMatch2.15beta1

mozillaseamonkeyMatch2.15beta2

mozillaseamonkeyMatch2.15beta3

mozillaseamonkeyMatch2.15beta4

mozillaseamonkeyMatch2.15beta5

mozillaseamonkeyMatch2.15beta6

mozillaseamonkeyMatch2.15.1

mozillaseamonkeyMatch2.15.2

mozillaseamonkeyMatch2.16

mozillaseamonkeyMatch2.16beta1

mozillaseamonkeyMatch2.16beta2

mozillaseamonkeyMatch2.16beta3

mozillaseamonkeyMatch2.16beta4

mozillaseamonkeyMatch2.16beta5

mozillaseamonkeyMatch2.16.1

mozillaseamonkeyMatch2.16.2

mozillaseamonkeyMatch2.17

mozillaseamonkeyMatch2.17beta1

mozillaseamonkeyMatch2.17beta2

mozillaseamonkeyMatch2.17beta3

mozillaseamonkeyMatch2.17beta4

mozillaseamonkeyMatch2.17.1

mozillaseamonkeyMatch2.18beta1

mozillaseamonkeyMatch2.18beta2

mozillaseamonkeyMatch2.18beta3

mozillaseamonkeyMatch2.18beta4

mozillaseamonkeyMatch2.19

mozillaseamonkeyMatch2.19beta1

mozillaseamonkeyMatch2.19beta2

mozillaseamonkeyMatch2.20beta1

mozillaseamonkeyMatch2.20beta2

mozillaseamonkeyMatch2.20beta3

Node

mozillathunderbird_esrMatch17.0

mozillathunderbird_esrMatch17.0.1

mozillathunderbird_esrMatch17.0.2

mozillathunderbird_esrMatch17.0.3

mozillathunderbird_esrMatch17.0.4

mozillathunderbird_esrMatch17.0.5

mozillathunderbird_esrMatch17.0.6

mozillathunderbird_esrMatch17.0.7

mozillathunderbird_esrMatch17.0.8

Node

mozillathunderbirdRange≤17.0.9

mozillathunderbirdMatch17.0

mozillathunderbirdMatch17.0.1

mozillathunderbirdMatch17.0.2

mozillathunderbirdMatch17.0.3

mozillathunderbirdMatch17.0.4

mozillathunderbirdMatch17.0.5

mozillathunderbirdMatch17.0.6

mozillathunderbirdMatch17.0.7

mozillathunderbirdMatch17.0.8

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle23.0.1
mozilla:firefoxmozilla firefoxeq19.0
mozilla:firefoxmozilla firefoxeq19.0.1
mozilla:firefoxmozilla firefoxeq19.0.2
mozilla:firefoxmozilla firefoxeq20.0
mozilla:firefoxmozilla firefoxeq20.0.1
mozilla:firefoxmozilla firefoxeq21.0
mozilla:firefoxmozilla firefoxeq22.0
mozilla:firefoxmozilla firefoxeq23.0

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	23.0.1
mozilla:firefox	mozilla firefox	eq	19.0
mozilla:firefox	mozilla firefox	eq	19.0.1
mozilla:firefox	mozilla firefox	eq	19.0.2
mozilla:firefox	mozilla firefox	eq	20.0
mozilla:firefox	mozilla firefox	eq	20.0.1
mozilla:firefox	mozilla firefox	eq	21.0
mozilla:firefox	mozilla firefox	eq	22.0
mozilla:firefox	mozilla firefox	eq	23.0