Lucene search

K

MozillaCVELIST:CVE-2013-5607

HistoryNov 20, 2013 - 11:00 a.m.

CVE-2013-5607

2013-11-2011:00:00

mozilla

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

94.9%

Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

lists.opensuse.org/opensuse-security-announce/2013-12/msg00000.html

lists.opensuse.org/opensuse-updates/2013-11/msg00080.html

rhn.redhat.com/errata/RHSA-2013-1791.html

rhn.redhat.com/errata/RHSA-2013-1829.html

security.gentoo.org/glsa/glsa-201406-19.xml

www.debian.org/security/2013/dsa-2820

www.mozilla.org/security/announce/2013/mfsa2013-103.html

www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

www.securityfocus.com/bid/63802

www.ubuntu.com/usn/USN-2031-1

www.ubuntu.com/usn/USN-2032-1

www.ubuntu.com/usn/USN-2087-1

bugzilla.mozilla.org/show_bug.cgi?id=927687

groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/_8AcygMEjSA/mm_cqQzLPFQJ

security.gentoo.org/glsa/201504-01

6.5 Medium

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

94.9%

Related for CVELIST:CVE-2013-5607

nvd2 prion2 cve2 ubuntucve2 debiancve2 fedora35 openvas87 nessus37 ubuntu4 suse1 ibm2 debian3 securityvulns1 oraclelinux3 mozilla1 cvelist1 mageia1 redhat3 veracode3 centos2 amazon2 gentoo1 osv2