Lucene search
Ubuntu.comUB:CVE-2013-1710HistoryAug 06, 2013 - 12:00 a.m.
CVE-2013-1710
2013-08-0600:00:00
ubuntu.com
ubuntu.com
18
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.93 High
EPSS
Percentile
99.0%
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0,
Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR
17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to
execute arbitrary JavaScript code or conduct cross-site scripting (XSS)
attacks via vectors related to Certificate Request Message Format (CRMF)
request generation.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | firefox | < 23.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | firefox | < 23.0+build2-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | firefox | < 23.0+build2-0ubuntu0.13.04.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 17.0.8+build1-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | thunderbird | < 17.0.8+build1-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | thunderbird | < 17.0.8+build1-0ubuntu0.13.04.1 | UNKNOWN |
References
Related
saint
saint
Firefox crypto.generateCRMFRequest command execution
2014-08-21 00:00:00
Firefox crypto.generateCRMFRequest command execution
2014-08-21 00:00:00
Firefox crypto.generateCRMFRequest command execution
2014-08-21 00:00:00
mozilla
mozilla
CRMF requests allow for code execution and XSS attacks — Mozilla
2013-08-06 00:00:00
prion
prion
Cross site scripting
2013-08-07 01:55:00
cve
cve
CVE-2013-1710
2013-08-07 01:55:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2013-69) - Linux
2021-11-11 00:00:00
CentOS Update for firefox CESA-2013:1140 centos5
2013-08-08 00:00:00
Oracle: Security Advisory (ELSA-2013-1142)
2015-10-06 00:00:00
seebug
seebug
Mozilla Firefox/SeaMonkey/Thunderbird CRMF请求生成跨站脚本漏洞
2013-12-25 00:00:00
Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution
2014-07-01 00:00:00
Firefox toString console.time Privileged Javascript Injection
2014-08-20 00:00:00
metasploit
metasploit
Firefox toString console.time Privileged Javascript Injection
2014-08-15 20:17:37
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
2013-12-18 20:31:42
zdt
zdt
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution Vulnerability
2013-12-24 00:00:00
Firefox toString console.time Privileged Javascript Injection Exploit
2014-08-18 00:00:00
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
Firefox toString console.time Privileged Javascript Injection
2014-08-18 00:00:00
Firefox 15.0.1 Code Execution
2013-12-23 00:00:00
exploitdb
exploitdb
nessus
nessus
Thunderbird ESR 17.x < 17.0.8 Multiple Vulnerabilities (Mac OS X)
2013-08-08 00:00:00
Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130807)
2013-08-08 00:00:00
RHEL 5 / 6 : thunderbird (RHSA-2013:1142)
2013-08-08 00:00:00
redhat
redhat
(RHSA-2013:1140) Critical: firefox security update
2013-08-07 00:00:00
(RHSA-2013:1142) Important: thunderbird security update
2013-08-07 00:00:00
debian
debian
[SECURITY] [DSA 2746-1] icedove security update
2013-08-29 17:36:35
[SECURITY] [DSA 2735-1] iceweasel security update
2013-08-07 14:14:34
mageia
mageia
Updated firefox and thunderbird packages fix security vulnerabilities
2013-08-12 17:54:58
Updated iceape packages fix many vulnerabilities
2013-11-21 00:16:49
ubuntu
ubuntu
Thunderbird vulnerabilities
2013-08-07 00:00:00
Ubufox and Unity Firefox Extension update
2013-08-06 00:00:00
Firefox vulnerabilities
2013-08-06 00:00:00
veracode
veracode
Cross Site Scripting (XSS)
2019-05-02 04:48:19
Cross Site Scripting (XSS)
2019-05-02 04:48:20
Information Disclosure
2019-05-02 04:48:22
oraclelinux
oraclelinux
firefox security update
2013-08-07 00:00:00
thunderbird security update
2013-08-07 00:00:00
osv
osv
iceweasel - several
2013-08-07 00:00:00
icedove - several
2013-08-29 00:00:00
centos
centos
thunderbird security update
2013-08-07 20:14:12
firefox, xulrunner security update
2013-08-07 11:33:09
suse
suse
Security update for Mozilla Firefox (important)
2013-08-14 00:04:15
Security update for Mozilla Firefox (important)
2013-08-23 05:04:11
Security update for Mozilla Firefox (important)
2013-08-27 08:04:16
ibm
ibm
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-08-06 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-08-12 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.93 High
EPSS
Percentile
99.0%
Related for UB:CVE-2013-1710