Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM8DDE071024D6A8B14B029996B6D54A26D2F58C26959889BD401433BD85D29A91
HistoryJun 18, 2018 - 12:07 a.m.

Security Bulletin: Mozilla firefox vulnerability issues on IBM Storwize V7000 Unified (CVE-2013-5590, CVE-2013-5595, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5604)

2018-06-1800:07:38
www.ibm.com
17

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Summary

IBM Storwize V7000 Unified is shipped with Mozilla firefox, for which fixes are available for security vulnerabilities.

Vulnerability Details

CVE ID:
CVE-2013-5590
CVE-2013-5595
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5604

DESCRIPTION:

IBM Storwize V7000 Unified is shipped with Mozilla firefox. For the above security vulnerabilities in Mozilla firefox, fixes are available. None of these vulnerabilities are exploitable during usual operations of the IBM Storwize V7000 Unified system. Nevertheless, since using firefox to access the Internet would implicate these vulnerabilities, it is recommended to apply the fix.

CVE-2013-5590
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88390 for the current score

CVE-2013-5595
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88397 for the current score

CVE-2013-5597
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88399 for the current score

CVE-2013-5599
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88401 for the current score

CVE-2013-5600
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88402 for the current score

CVE-2013-5601
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88403 for the current score

CVE-2013-5602
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88404 for the current score

CVE-2013-5604
CVSS Base Score: 7.1
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88395 for the current score

Affected Products and Versions

IBM Storwize V7000 Unified V1.3.0.0 to V1.4.2.1.

Remediation/Fixes

The fix for this issue is available beginning with IBM Storwize V7000 Unified V1.4.3.0. Customers running an earlier version of IBM Storwize V7000 Unified should upgrade to V1.4.3.0 or later in order to get these fixes.

Latest IBM Storwize V7000 Unified Software

Workarounds and Mitigations

Work-around(s): None.

Mitigation(s): None of these vulnerabilities are exploitable during usual operations of IBM Storwize V7000 Unified system. Use of Mozilla firefox for accessing web sites from IBM Storwize V7000 Unified system should be avoided.

CPENameOperatorVersion
ibm storwize v7000 unified (2073)eq1.4

Related

nessus 36
openvas 48
veracode 8
oraclelinux 2
redhat 2
debian 2
centos 2
mageia 3
ibm 1
suse 4
ubuntu 2
mozilla 6
securityvulns 1
freebsd 1
ubuntucve 8
cve 8
prion 8
gentoo 1
nessus
nessus
Debian DSA-2788-1 : iceweasel - several vulnerabilities
2013-11-01 00:00:00
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20131030)
2013-10-31 00:00:00
Oracle Linux 6 : thunderbird (ELSA-2013-1480)
2013-10-31 00:00:00
openvas
openvas
CentOS Update for thunderbird CESA-2013:1480 centos5
2013-11-08 00:00:00
CentOS Update for firefox CESA-2013:1476 centos6
2013-11-08 00:00:00
Mozilla Thunderbird ESR Multiple Vulnerabilities-01 (Nov 2013) - Windows
2013-11-07 00:00:00
veracode
veracode
Memory Corruption
2019-05-02 04:56:51
Buffer Overflow
2019-05-02 04:56:49
Stack-based Buffer Overflow
2019-05-02 04:56:51
oraclelinux
oraclelinux
thunderbird security update
2013-10-30 00:00:00
firefox security update
2013-10-29 00:00:00
redhat
redhat
(RHSA-2013:1480) Important: thunderbird security update
2013-10-30 00:00:00
(RHSA-2013:1476) Critical: firefox security update
2013-10-29 00:00:00
debian
debian
[SECURITY] [DSA 2797-1] icedove security update
2013-11-13 21:45:22
[SECURITY] [DSA 2788-1] iceweasel security update
2013-10-31 08:27:05
centos
centos
thunderbird security update
2013-10-30 22:19:56
firefox, xulrunner security update
2013-10-30 04:12:01
mageia
mageia
Updated thunderbird package fixes security vulnerabilities
2013-11-18 18:39:59
Updated firefox & related packages fix multiple security vulnerabilities
2013-11-09 22:55:13
Updated iceape packages fix many vulnerabilities
2013-11-21 00:16:49
ibm
ibm
Security Bulletin: Mozilla firefox vulnerability issues on SONAS (CVE-2013-5590, CVE-2013-5595, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5604)
2018-06-18 00:07:42
suse
suse
Security update for Mozilla Firefox (important)
2013-11-15 03:04:14
Mozilla updates 10/2013 (important)
2013-11-07 11:04:15
Mozilla Suite: Update to October 2013 release (important)
2013-11-07 10:04:11
ubuntu
ubuntu
Thunderbird vulnerabilities
2013-10-31 00:00:00
Firefox vulnerabilities
2013-10-29 00:00:00
mozilla
mozilla
Miscellaneous use-after-free issues found through ASAN fuzzing — Mozilla
2013-10-29 00:00:00
Access violation with XSLT and uninitialized data — Mozilla
2013-10-29 00:00:00
Memory corruption in workers — Mozilla
2013-10-29 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-11-05 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-10-29 00:00:00
ubuntucve
ubuntucve
CVE-2013-5604
2013-10-29 00:00:00
CVE-2013-5590
2013-10-29 00:00:00
CVE-2013-5602
2013-10-29 00:00:00
cve
cve
CVE-2013-5604
2013-10-30 10:55:00
CVE-2013-5595
2013-10-30 10:55:00
CVE-2013-5602
2013-10-30 10:55:00
prion
prion
Buffer overflow
2013-10-30 10:55:00
Memory corruption
2013-10-30 10:55:00
Stack overflow
2013-10-30 10:55:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for 8DDE071024D6A8B14B029996B6D54A26D2F58C26959889BD401433BD85D29A91
nessus36openvas48veracode8oraclelinux2redhat2debian2centos2mageia3ibm1suse4ubuntu2mozilla6securityvulns1freebsd1ubuntucve8cve8prion8gentoo1