Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mozillaMozilla FoundationMFSA2013-14
HistoryJan 08, 2013 - 12:00 a.m.

Chrome Object Wrapper (COW) bypass through changing prototype — Mozilla

2013-01-0800:00:00
Mozilla Foundation
www.mozilla.org
24

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.095 Low

EPSS

Percentile

94.7%

JSON

Security researcher Mariusz Mlynski reported that it is possible to change the prototype of an object and bypass Chrome Object Wrappers (COW) to gain access to chrome privileged functions. This could allow for arbitrary code execution.

Related

prion 1
ubuntucve 1
openvas 19
cve 1
metasploit 1
zdt 2
checkpoint_advisories 1
exploitdb 1
nessus 25
suse 7
securityvulns 1
ubuntu 4
freebsd 1
gentoo 1
prion
prion
Design/Logic Flaw
2013-01-13 20:55:00
ubuntucve
ubuntucve
CVE-2013-0757
2013-01-09 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2013-14) - Linux
2021-11-11 00:00:00
Mozilla Products Multiple Vulnerabilities-04 January13 (Windows)
2013-01-16 00:00:00
Mozilla Products Multiple Vulnerabilities-04 January13 (Mac OS X)
2013-01-16 00:00:00
cve
cve
CVE-2013-0757
2013-01-13 20:55:00
metasploit
metasploit
Firefox 17.0.1 Flash Privileged Code Injection
2013-05-16 04:52:51
zdt
zdt
GIT 1.8.5.6 / 1.9.5 / 2.0.5 / 2.1.4/ 2.2.1 & Mercurial < 3.2.3 - Exploit
2017-03-23 00:00:00
Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection Exploit
2017-03-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Flash Privileged Code Injection (CVE-2013-0757; CVE-2013-0758)
2013-06-27 00:00:00
exploitdb
exploitdb
Mozilla Firefox &lt; 17.0.1 - Flash Privileged Code Injection (Metasploit)
2013-01-08 00:00:00
nessus
nessus
Firefox ESR 17.x < 17.0.2 Multiple Vulnerabilities
2013-01-15 00:00:00
Firefox ESR < 17.0.2 Multiple Vulnerabilities (Mac OS X)
2013-01-15 00:00:00
Thunderbird < 17.0.2 Multiple Vulnerabilities (Mac OS X)
2013-01-15 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2013-02-18 18:04:29
Security update for MozillaFirefox (important)
2013-02-13 23:04:32
Mozilla Januarys (important)
2013-01-23 14:04:54
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-01-10 00:00:00
ubuntu
ubuntu
Firefox regression
2013-01-22 00:00:00
Thunderbird vulnerabilities
2013-01-09 00:00:00
Firefox vulnerabilities
2013-01-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-01-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.095 Low

EPSS

Percentile

94.7%

JSON
Related for MFSA2013-14
prion1ubuntucve1openvas19cve1metasploit1zdt2checkpoint_advisories1exploitdb1nessus25suse7securityvulns1ubuntu4freebsd1gentoo1