CVE-2013-0767

HIGH

Description

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html

http://rhn.redhat.com/errata/RHSA-2013-0144.html

http://rhn.redhat.com/errata/RHSA-2013-0145.html

http://www.mozilla.org/security/announce/2013/mfsa2013-02.html

http://www.securityfocus.com/bid/57195

http://www.ubuntu.com/usn/USN-1681-1

http://www.ubuntu.com/usn/USN-1681-2

http://www.ubuntu.com/usn/USN-1681-4

https://bugzilla.mozilla.org/show_bug.cgi?id=812161

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16171

Details

Source: MITRE

Published: 2013-01-13

Updated: 2020-08-07

Type: CWE-125

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Tenable Plugins

View all (35 total)

ID	Name	Product	Family	Severity
74918	openSUSE Security Update : firefox / seamonkey / thunderbird (openSUSE-SU-2013:0149-1)	Nessus	SuSE Local Security Checks	critical
70183	GLSA-201309-23 : Mozilla Products: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
68708	Oracle Linux 6 : thunderbird (ELSA-2013-0145)	Nessus	Oracle Linux Local Security Checks	critical
68707	Oracle Linux 5 / 6 : firefox (ELSA-2013-0144)	Nessus	Oracle Linux Local Security Checks	critical
64480	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1681-4)	Nessus	Ubuntu Local Security Checks	critical
64136	SuSE 11.2 Security Update : MozillaFirefox (SAT Patch Number 7224)	Nessus	SuSE Local Security Checks	critical
63665	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1681-3)	Nessus	Ubuntu Local Security Checks	critical
63626	SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 8426)	Nessus	SuSE Local Security Checks	critical
801376	Mozilla SeaMonkey 2.x <= 2.14 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801345	Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801308	Mozilla Thunderbird 17.x < 17.0.2 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
800108	Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
63554	SeaMonkey < 2.15 Multiple Vulnerabilities	Nessus	Windows	critical
63553	Mozilla Thunderbird < 17.0.2 Multiple Vulnerabilities	Nessus	Windows	critical
63552	Mozilla Thunderbird 10.x < 10.0.12 Multiple Vulnerabilities	Nessus	Windows	critical
63551	Firefox < 18.0 Multiple Vulnerabilities	Nessus	Windows	critical
63549	Firefox ESR 17.x < 17.0.1 Multiple Vulnerabilities	Nessus	Windows	critical
63548	Firefox 10.x < 10.0.12 Multiple Vulnerabilities	Nessus	Windows	critical
63547	Thunderbird < 17.0.2 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
63546	Thunderbird 10.x < 10.0.12 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
63545	Firefox < 18.0 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
63543	Firefox < 17.0.1 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
63542	Firefox < 10.0.12 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
6670	SeaMonkey 2.14.x < 2.15 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
6669	Mozilla Thunderbird < 17.0.2 Multiple Vulnerabilities	Nessus Network Monitor	SMTP Clients	high
6668	Mozilla Firefox < 18.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
63472	Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20130108)	Nessus	Scientific Linux Local Security Checks	critical
63471	Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130108)	Nessus	Scientific Linux Local Security Checks	critical
63463	FreeBSD : mozilla -- multiple vulnerabilities (a4ed6632-5aa9-11e2-8fcb-c8600054b392)	Nessus	FreeBSD Local Security Checks	critical
63448	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1681-2)	Nessus	Ubuntu Local Security Checks	critical
63447	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1681-1)	Nessus	Ubuntu Local Security Checks	critical
63446	RHEL 5 / 6 : thunderbird (RHSA-2013:0145)	Nessus	Red Hat Local Security Checks	critical
63445	RHEL 5 / 6 : firefox (RHSA-2013:0144)	Nessus	Red Hat Local Security Checks	critical
63432	CentOS 5 / 6 : thunderbird (CESA-2013:0145)	Nessus	CentOS Local Security Checks	critical
63431	CentOS 5 / 6 : firefox / xulrunner (CESA-2013:0144)	Nessus	CentOS Local Security Checks	critical