10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
The Mozilla Project reports:
MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/
rv:10.0.12 / rv:17.0.2)
MFSA 2013-02 Use-after-free and buffer overflow issues found using
Address Sanitizer
MFSA 2013-03 Buffer Overflow in Canvas
MFSA 2013-04 URL spoofing in addressbar during page loads
MFSA 2013-05 Use-after-free when displaying table with many
columns and column groups
MFSA 2013-06 Touch events are shared across iframes
MFSA 2013-07 Crash due to handling of SSL on threads
MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during
garbage collection
MFSA 2013-09 Compartment mismatch with quickstubs returned values
MFSA 2013-10 Event manipulation in plugin handler to bypass
same-origin policy
MFSA 2013-11 Address space layout leaked in XBL objects
MFSA 2013-12 Buffer overflow in Javascript string concatenation
MFSA 2013-13 Memory corruption in XBL with XML bindings containing
SVG
MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing
prototype
MFSA 2013-15 Privilege escalation through plugin objects
MFSA 2013-16 Use-after-free in serializeToStream
MFSA 2013-17 Use-after-free in ListenerManager
MFSA 2013-18 Use-after-free in Vibrate
MFSA 2013-19 Use-after-free in Javascript Proxy objects
MFSA 2013-20 Mis-issued TURKTRUST certificates
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 17.0.2,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 17.0.2,1 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.15 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 17.0.2 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.15 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 17.0.2 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 10.0.12 | UNKNOWN |
FreeBSD | any | noarch | ca_root_nss | < 3.14.1 | UNKNOWN |
www.mozilla.org/security/announce/2013/mfsa2013-01.html
www.mozilla.org/security/announce/2013/mfsa2013-02.html
www.mozilla.org/security/announce/2013/mfsa2013-03.html
www.mozilla.org/security/announce/2013/mfsa2013-04.html
www.mozilla.org/security/announce/2013/mfsa2013-05.html
www.mozilla.org/security/announce/2013/mfsa2013-06.html
www.mozilla.org/security/announce/2013/mfsa2013-07.html
www.mozilla.org/security/announce/2013/mfsa2013-08.html
www.mozilla.org/security/announce/2013/mfsa2013-09.html
www.mozilla.org/security/announce/2013/mfsa2013-10.html
www.mozilla.org/security/announce/2013/mfsa2013-11.html
www.mozilla.org/security/announce/2013/mfsa2013-12.html
www.mozilla.org/security/announce/2013/mfsa2013-13.html
www.mozilla.org/security/announce/2013/mfsa2013-14.html
www.mozilla.org/security/announce/2013/mfsa2013-15.html
www.mozilla.org/security/announce/2013/mfsa2013-16.html
www.mozilla.org/security/announce/2013/mfsa2013-17.html
www.mozilla.org/security/announce/2013/mfsa2013-18.html
www.mozilla.org/security/announce/2013/mfsa2013-19.html
www.mozilla.org/security/announce/2013/mfsa2013-20.html
www.mozilla.org/security/known-vulnerabilities/