Lucene search
HistoryAug 07, 2013 - 1:55 a.m.
CVE-2013-1707
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
High
EPSS
0
Percentile
5.1%
Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service.
Affected configurations
Node
mozillathunderbirdRange≤17.0.7
ORmozillathunderbirdMatch17.0
ORmozillathunderbirdMatch17.0.1
ORmozillathunderbirdMatch17.0.2
ORmozillathunderbirdMatch17.0.3
ORmozillathunderbirdMatch17.0.4
ORmozillathunderbirdMatch17.0.5
ORmozillathunderbirdMatch17.0.6
Node
mozillathunderbird_esrMatch17.0
ORmozillathunderbird_esrMatch17.0.1
ORmozillathunderbird_esrMatch17.0.2
ORmozillathunderbird_esrMatch17.0.3
ORmozillathunderbird_esrMatch17.0.4
ORmozillathunderbird_esrMatch17.0.5
ORmozillathunderbird_esrMatch17.0.6
ORmozillathunderbird_esrMatch17.0.7
Node
mozillafirefoxRange≤22.0
ORmozillafirefoxMatch19.0
ORmozillafirefoxMatch19.0.1
ORmozillafirefoxMatch19.0.2
ORmozillafirefoxMatch20.0
ORmozillafirefoxMatch20.0.1
ORmozillafirefoxMatch21.0
Node
mozillafirefox_esrMatch17.0
ORmozillafirefox_esrMatch17.0.1
ORmozillafirefox_esrMatch17.0.2
ORmozillafirefox_esrMatch17.0.3
ORmozillafirefox_esrMatch17.0.4
ORmozillafirefox_esrMatch17.0.5
ORmozillafirefox_esrMatch17.0.6
ORmozillafirefox_esrMatch17.0.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | 17.0 | cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:* |
| mozilla | thunderbird | 17.0.1 | cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:* |
| mozilla | thunderbird | 17.0.2 | cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:* |
| mozilla | thunderbird | 17.0.3 | cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:* |
| mozilla | thunderbird | 17.0.4 | cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:* |
| mozilla | thunderbird | 17.0.5 | cpe:2.3:a:mozilla:thunderbird:17.0.5:*:*:*:*:*:*:* |
| mozilla | thunderbird | 17.0.6 | cpe:2.3:a:mozilla:thunderbird:17.0.6:*:*:*:*:*:*:* |
| mozilla | thunderbird_esr | 17.0 | cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:* |
| mozilla | thunderbird_esr | 17.0.1 | cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2013-1707
2013-08-07 01:55:04
prion
prion
Stack overflow
2013-08-07 01:55:00
cvelist
cvelist
CVE-2013-1707
2013-08-07 01:00:00
mozilla
mozilla
Buffer overflow in Mozilla Maintenance Service and Mozilla Updater — Mozilla
2013-08-06 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2013-66) - Linux
2021-11-11 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities - August 13 (Windows)
2013-08-08 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities - August 13 (Mac OS X)
2013-08-08 00:00:00
nessus
nessus
Mozilla Thunderbird ESR 17.x < 17.0.8 Multiple Vulnerabilities
2013-08-08 00:00:00
Firefox ESR 17.x < 17.0.8 Multiple Vulnerabilities
2013-08-08 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2013-08-14 00:04:15
Security update for Mozilla Firefox (important)
2013-08-23 05:04:11
Security update for Mozilla Firefox (important)
2013-08-27 08:04:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-08-06 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-08-12 00:00:00
mageia
mageia
Updated iceape packages fix many vulnerabilities
2013-11-21 00:16:49
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2013-1707