Lucene search
Mozilla FoundationMFSA2013-42HistoryMay 14, 2013 - 12:00 a.m.
Privileged access for content level constructor — Mozilla
2013-05-1400:00:00
Mozilla Foundation
www.mozilla.org
16
0.908 High
EPSS
Percentile
98.8%
Security researcher Cody Crews reported a method to call a content level constructor that allows for this constructor to have chrome privileged accesss. This affects chrome object wrappers (COW) and allows for write actions on objects when only read actions should be allowed. This can lead to cross-site scripting (XSS) attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 21 | |
| firefox esr | lt | 17.0.6 | |
| thunderbird | lt | 17.0.6 | |
| thunderbird esr | lt | 17.0.6 |
Related
prion
prion
Cross site scripting
2013-05-16 11:45:00
cve
cve
CVE-2013-1670
2013-05-16 11:45:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2013-42) - Linux
2021-11-11 00:00:00
RedHat Update for thunderbird RHSA-2013:0821-01
2013-05-17 00:00:00
CentOS Update for thunderbird CESA-2013:0821 centos6
2013-05-17 00:00:00
ubuntucve
ubuntucve
CVE-2013-1670
2013-05-14 00:00:00
cvelist
cvelist
CVE-2013-1670
2013-05-16 10:00:00
zdt
zdt
Firefox toString console.time Privileged Javascript Injection Exploit
2014-08-18 00:00:00
packetstorm
packetstorm
Firefox toString console.time Privileged Javascript Injection
2014-08-18 00:00:00
seebug
seebug
Firefox toString console.time Privileged Javascript Injection
2014-08-20 00:00:00
metasploit
metasploit
Firefox toString console.time Privileged Javascript Injection
2014-08-15 20:17:37
exploitdb
exploitdb
nessus
nessus
CentOS 5 / 6 : firefox (CESA-2013:0820)
2013-05-15 00:00:00
RHEL 5 / 6 : firefox (RHSA-2013:0820)
2013-05-15 00:00:00
RHEL 5 / 6 : thunderbird (RHSA-2013:0821)
2013-05-15 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2019-05-02 04:54:40
Information Disclosure
2019-05-02 04:54:41
Out-Of-Bounds Read
2019-05-02 04:54:42
redhat
redhat
(RHSA-2013:0821) Important: thunderbird security update
2013-05-14 00:00:00
(RHSA-2013:0820) Critical: firefox security update
2013-05-14 00:00:00
oraclelinux
oraclelinux
firefox security update
2013-05-14 00:00:00
thunderbird security update
2013-05-14 00:00:00
centos
centos
firefox, xulrunner security update
2013-05-14 22:39:45
thunderbird security update
2013-05-14 22:42:14
suse
suse
MozillaThunderbird: update to 17.0.6 (important)
2013-06-10 17:12:08
xulrunner to 17.0.6esr (important)
2013-05-27 17:04:43
MozillaThunderbird: update to 17.0.6 (important)
2013-05-27 17:05:02
ubuntu
ubuntu
Thunderbird vulnerabilities
2013-05-14 00:00:00
Firefox vulnerabilities
2013-05-14 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-05-14 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-07-10 00:00:00
ibm
ibm
debian
debian
[SECURITY] [DSA 2699-1] iceweasel security update
2013-06-02 16:37:52
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00