10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.946 High
EPSS
Percentile
99.0%
Added: 08/21/2014
CVE: CVE-2013-1710
BID: 61900
OSVDB: 96019
Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS.
A vulnerability in the implementation of the crypto.generateCRMFRequest javascript method allows command execution when a user opens a specially crafted page in Firefox.
Upgrade to Firefox 23.0 or higher.
<https://www.mozilla.org/security/announce/2013/mfsa2013-69.html>
Exploit works on Firefox 15.0 through 22.0 and requires a user to load the exploit page in Firefox.
Windows
Linux
Mac OS X