Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-5597
HistoryOct 29, 2013 - 12:00 a.m.

CVE-2013-5597

2013-10-2900:00:00
ubuntu.com
ubuntu.com
16
mozilla
firefox
thunderbird
seamonkey
use-after-free vulnerability
remote attackers
arbitrary code
denial of service
heap memory corruption
offline cache
cve-2013-5597
unix

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.073

Percentile

94.1%

Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad
function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10
and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before
17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute
arbitrary code or cause a denial of service (heap memory corruption) via
vectors involving a state-change event during an update of the offline
cache.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchfirefox< 25.0+build3-0ubuntu0.12.04.1UNKNOWN
ubuntu12.10noarchfirefox< 25.0+build3-0ubuntu0.12.10.1UNKNOWN
ubuntu13.04noarchfirefox< 25.0+build3-0ubuntu0.13.04.1UNKNOWN
ubuntu13.10noarchfirefox< 25.0+build3-0ubuntu0.13.10.1UNKNOWN
ubuntu12.04noarchthunderbird< 1:24.1.0+build1-0ubuntu0.12.04.1UNKNOWN
ubuntu12.10noarchthunderbird< 1:24.1.0+build1-0ubuntu0.12.10.1UNKNOWN
ubuntu13.04noarchthunderbird< 1:24.1.0+build1-0ubuntu0.13.04.1UNKNOWN
ubuntu13.10noarchthunderbird< 1:24.1.0+build1-0ubuntu0.13.10.1UNKNOWN

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.073

Percentile

94.1%