openSUSE-SU-2013:0323

openSUSE-SU-2013:0324

http://www.mozilla.org/security/announce/2013/mfsa2013-28.html

USN-1729-1

USN-1729-2

USN-1748-1

https://bugzilla.mozilla.org/show_bug.cgi?id=798691

oval:org.mitre.oval:def:16977

MozillaFirefox was updated to Firefox 19.0 (bnc#804248) MozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248) seamonkey was updated to SeaMonkey 2.16 (bnc#804248) xulrunner was updated to 17.0.3esr (bnc#804248) chmsee was updated to version 2.0.

Changes in MozillaFirefox 19.0 :

  - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous     memory safety hazards

  - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds     read in image rendering

  - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL     objects can be wrapped again

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content     bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in     JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free     in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on     HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/     CVE-2013-0778/CVE-2013-0779/CVE-2013-0781     Use-after-free, out of bounds read, and buffer overflow     issues found using Address Sanitizer

  - removed obsolete patches

  - mozilla-webrtc.patch

  - mozilla-gstreamer-803287.patch

  - added patch to fix session restore window order     (bmo#712763)

  - update to Firefox 18.0.2

  - blocklist and CTP updates

  - fixes in JS engine

  - update to Firefox 18.0.1

  - blocklist updates

  - backed out bmo#677092 (removed patch)

  - fixed problems involving HTTP proxy transactions

  - Fix WebRTC to build on powerpc

Changes in MozillaThunderbird :

  - update to Thunderbird 17.0.3 (bnc#804248)

  - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety     hazards

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content     bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in     JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free     in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on     HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free,     out of bounds read, and buffer overflow issues found     using Address Sanitizer

  - update Enigmail to 1.5.1

  - The release fixes the regressions found in the past few     weeks

Changes in seamonkey :

  - update to SeaMonkey 2.16 (bnc#804248)

  - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous     memory safety hazards

  - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds     read in image rendering

  - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL     objects can be wrapped again

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content     bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in     JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free     in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on     HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/     CVE-2013-0778/CVE-2013-0779/CVE-2013-0781     Use-after-free, out of bounds read, and buffer overflow     issues found using Address Sanitizer

  - removed obsolete patches

  - mozilla-webrtc.patch

  - mozilla-gstreamer-803287.patch

  - update to SeaMonkey 2.15.2

  - Applications could not be removed from the 'Application     details' dialog under Preferences, Helper Applications     (bmo#826771).

  - View / Message Body As could show menu items out of     context (bmo#831348)

  - update to SeaMonkey 2.15.1

  - backed out bmo#677092 (removed patch)

  - fixed problems involving HTTP proxy transactions

  - backed out restartless language packs as it broke     multi-locale setup (bmo#677092, bmo#818468)

Changes in xulrunner :

  - update to 17.0.3esr (bnc#804248)

  - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety     hazards

  - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content     bypass of COW and SOW security wrappers

  - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in     JavaScript Workers

  - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free     in nsImageLoadingContent

  - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on     HTTPS connection through malicious proxy

  - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free,     out of bounds read, and buffer overflow issues found     using Address Sanitizer

The remote host is affected by the vulnerability described in GLSA-201309-23 (Mozilla Products: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Mozilla Firefox,       Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced       below for details.
  Impact :

    A remote attacker could entice a user to view a specially crafted web       page or email, possibly resulting in execution of arbitrary code or a       Denial of Service condition. Further, a remote attacker could conduct XSS       attacks, spoof URLs, bypass address space layout randomization, conduct       clickjacking attacks, obtain potentially sensitive information, bypass       access restrictions, modify the local filesystem, or conduct other       unspecified attacks.
  Workaround :

    There is no known workaround at this time.

USN-1729-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in freezes and crashes when using multiple tabs with images displayed. This update fixes the problem.

We apologize for the inconvenience.

Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash. (CVE-2013-0783, CVE-2013-0784)

Atte Kettunen discovered that Firefox could perform an out-of-bounds read while rendering GIF format images. An attacker could exploit this to crash Firefox.
(CVE-2013-0772)

Boris Zbarsky discovered that Firefox did not properly handle some wrapped WebIDL objects. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0765)

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Firefox.
(CVE-2013-0773)

Frederik Braun discovered that Firefox made the location of the active browser profile available to JavaScript workers.
(CVE-2013-0774)

A use-after-free vulnerability was discovered in Firefox. An attacker could potentially exploit this to execute code with the privileges of the user invoking Firefox. (CVE-2013-0775)

Michal Zalewski discovered that Firefox would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks.
(CVE-2013-0776)

Abhishek Arya discovered several problems related to memory handling. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Thunderbird. (CVE-2013-0773)

Frederik Braun discovered that Thunderbird made the location of the active browser profile available to JavaScript workers. Scripting for Thunderbird is disabled by default in Ubuntu. (CVE-2013-0774)

A use-after-free vulnerability was discovered in Thunderbird. An attacker could potentially exploit this to execute code with the privileges of the user invoking Thunderbird if scripting were enabled.
(CVE-2013-0775)

Michal Zalewski discovered that Thunderbird would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks if scripting were enabled. (CVE-2013-0776)

Abhishek Arya discovered several problems related to memory handling.
If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782)

Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Thunderbird. If a user had scripting enabled and was tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash.
(CVE-2013-0783, CVE-2013-0784).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Versions of SeaMonkey earlier than 2.16 are potentially affected by multiple vulnerabilities :

  - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)

  - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)

  - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)

  - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)

  - The file system location of the active browser profile could be disclosed and used in further attacks. (CVE-2013-0774)

  - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)

  - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code. (CVE-2013-0776)

  - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)

  - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)

  - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)

  - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

  - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

  - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'. (CVE-2013-0782)

Versions of Thunderbird less than 17.0.3  are potentially affected by the following security issues :

- Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)

  - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)

  - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765

  - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)

  - The file system location of the active browser profile could be disclosed and used in further attacks. (CVE-2013-0774)

  - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)

  - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code. (CVE-2013-0776)

  - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)



  - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)

  - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)

  - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

  - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

  - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'. (CVE-2013-0782)

Versions of Firefox 18.x and older are potentially affected by the following security issues :

  - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)

  - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)

  - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)

  - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)

  - The file system location of the active browser profile could be disclosed and used in further attacks. (CVE-2013-0774)

  - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)

  - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code. (CVE-2013-0776)

  - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)

  - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)

  - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)

  - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

  - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

  - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'. (CVE-2013-0782)

The installed version of SeaMonkey is earlier than 2.16 and thus, is potentially affected by the following security issues :

  - Numerous memory safety errors exist. (CVE-2013-0783,     CVE-2013-0784)

  - An out-of-bounds read error exists related to the     handling of GIF images. (CVE-2013-0772)

  - An error exists related to 'WebIDL' object wrapping     that has an unspecified impact. (CVE-2013-0765)

  - An error exists related to Chrome Object Wrappers (COW)     or System Only Wrappers (SOW) that could allow security     bypass. (CVE-2013-0773)

  - The file system location of the active browser profile     could be disclosed and used in further attacks.
    (CVE-2013-0774)

  - A use-after-free error exists in the function     'nsImageLoadingContent'. (CVE-2013-0775)

  - Spoofing HTTPS URLs is possible due to an error related     to proxy '407' responses and embedded script code.
    (CVE-2013-0776)

  - A heap-based use-after-free error exists in the function     'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)

  - An out-of-bounds read error exists in the function     'ClusterIterator::NextCluster'. (CVE-2013-0778)

  - An out-of-bounds read error exists in the function     'nsCodingStateMachine::NextState'. (CVE-2013-0779)

  - A heap-based use-after-free error exists in the function     'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

  - A heap-based use-after-free error exists in the function     'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

  - A heap-based buffer overflow error exists in the     function 'nsSaveAsCharset::DoCharsetConversion'.
    (CVE-2013-0782)

The installed version of Thunderbird is earlier than 17.0.3 and thus, is potentially affected by the following security issues :

  - Numerous memory safety errors exist. (CVE-2013-0783,     CVE-2013-0784)

  - An out-of-bounds read error exists related to the     handling of GIF images. (CVE-2013-0772)

  - An error exists related to 'WebIDL' object wrapping     that has an unspecified impact. (CVE-2013-0765)

  - An error exists related to Chrome Object Wrappers (COW)     or System Only Wrappers (SOW) that could allow security     bypass. (CVE-2013-0773)

  - The file system location of the active browser profile     could be disclosed and used in further attacks.
    (CVE-2013-0774)

  - A use-after-free error exists in the function     'nsImageLoadingContent'. (CVE-2013-0775)

  - Spoofing HTTPS URLs is possible due to an error related     to proxy '407' responses and embedded script code.
    (CVE-2013-0776)

  - A heap-based use-after-free error exists in the function     'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)

  - An out-of-bounds read error exists in the function     'ClusterIterator::NextCluster'. (CVE-2013-0778)

  - An out-of-bounds read error exists in the function     'nsCodingStateMachine::NextState'. (CVE-2013-0779)

  - A heap-based use-after-free error exists in the function     'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

  - A heap-based use-after-free error exists in the function     'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

  - A heap-based buffer overflow error exists in the     function 'nsSaveAsCharset::DoCharsetConversion'.
    (CVE-2013-0782)

The installed version of Firefox is earlier than 19.0 and thus, is potentially affected by the following security issues :

  - Numerous memory safety errors exist. (CVE-2013-0783,     CVE-2013-0784)

  - An out-of-bounds read error exists related to the     handling of GIF images. (CVE-2013-0772)

  - An error exists related to 'WebIDL' object wrapping     that has an unspecified impact. (CVE-2013-0765)

  - An error exists related to Chrome Object Wrappers (COW)     or System Only Wrappers (SOW) that could allow security     bypass. (CVE-2013-0773)

  - The file system location of the active browser profile     could be disclosed and used in further attacks.
    (CVE-2013-0774)

  - A use-after-free error exists in the function     'nsImageLoadingContent'. (CVE-2013-0775)

  - Spoofing HTTPS URLs is possible due to an error related     to proxy '407' responses and embedded script code.
    (CVE-2013-0776)

  - A heap-based use-after-free error exists in the function     'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)

  - An out-of-bounds read error exists in the function     'ClusterIterator::NextCluster'. (CVE-2013-0778)

  - An out-of-bounds read error exists in the function     'nsCodingStateMachine::NextState'. (CVE-2013-0779)

  - A heap-based use-after-free error exists in the function     'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

  - A heap-based use-after-free error exists in the function     'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

  - A heap-based buffer overflow error exists in the     function 'nsSaveAsCharset::DoCharsetConversion'.
    (CVE-2013-0782)

The installed version of Firefox 18.x is potentially affected by the following security issues :

  - Numerous memory safety errors exist. (CVE-2013-0783,     CVE-2013-0784)

  - An out-of-bounds read error exists related to the     handling of GIF images. (CVE-2013-0772)

  - An error exists related to 'WebIDL' object wrapping     that has an unspecified impact. (CVE-2013-0765)

  - An error exists related to Chrome Object Wrappers (COW)     or System Only Wrappers (SOW) that could allow security     bypass. (CVE-2013-0773)

  - The file system location of the active browser profile     could be disclosed and used in further attacks.
    (CVE-2013-0774)

  - A use-after-free error exists in the function     'nsImageLoadingContent'. (CVE-2013-0775)

  - Spoofing HTTPS URLs is possible due to an error related     to proxy '407' responses and embedded script code.
    (CVE-2013-0776)

  - A heap-based use-after-free error exists in the function     'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)

  - An out-of-bounds read error exists in the function     'ClusterIterator::NextCluster'. (CVE-2013-0778)

  - An out-of-bounds read error exists in the function     'nsCodingStateMachine::NextState'. (CVE-2013-0779)

  - A heap-based use-after-free error exists in the function     'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

  - A heap-based use-after-free error exists in the function     'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

  - A heap-based buffer overflow error exists in the     function 'nsSaveAsCharset::DoCharsetConversion'.
    (CVE-2013-0782)

Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash. (CVE-2013-0783, CVE-2013-0784)

Atte Kettunen discovered that Firefox could perform an out-of-bounds read while rendering GIF format images. An attacker could exploit this to crash Firefox. (CVE-2013-0772)

Boris Zbarsky discovered that Firefox did not properly handle some wrapped WebIDL objects. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox.
(CVE-2013-0765)

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0773)

Frederik Braun that Firefox made the location of the active browser profile available to JavaScript workers. (CVE-2013-0774)

A use-after-free vulnerability was discovered in Firefox. An attacker could potentially exploit this to execute code with the privileges of the user invoking Firefox. (CVE-2013-0775)

Michal Zalewski discovered that Firefox would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks. (CVE-2013-0776)

Abhishek Arya discovered several problems related to memory handling.
If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Versions of Mozilla Thunderbird prior to 17.0.3 are affected by the following security issues :

- Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)
 - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)
 - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)
 - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)
 - The file system location of the active browser profile could be disclosed and used in further attacks. (CVE-2013-0774)
 - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)
 - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code. (CVE-2013-0776)
 - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)
 - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)
 - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)
 - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)
 - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)
 - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'. (CVE-2013-0782)

Versions of Firefox prior to 19.0 are potentially affected by the following security issues :

 - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)
 - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)
 - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)
 - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)
 - The file system location of the active browser profile could be disclosed and used in further attacks. (CVE-2013-0774)
 - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)
 - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code. (CVE-2013-0776)
 - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)
 - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)
 - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)
 - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)
 - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)
 - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'. (CVE-2013-0782)

ID	Name	Product	Family	Severity
74898	openSUSE Security Update : Mozilla (openSUSE-SU-2013:0323-1)	Nessus	SuSE Local Security Checks	critical
70183	GLSA-201309-23 : Mozilla Products: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
64967	Ubuntu 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1729-2)	Nessus	Ubuntu Local Security Checks	critical
64892	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1748-1)	Nessus	Ubuntu Local Security Checks	critical
801258	Mozilla SeaMonkey < 2.16 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
6693	SeaMonkey < 2.16 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
801245	Mozilla Thunderbird 17.x < 17.0.3 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
801233	Mozilla Firefox 18.x <= 18 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
64726	SeaMonkey < 2.16 Multiple Vulnerabilities	Nessus	Windows	critical
64724	Mozilla Thunderbird < 17.0.3 Multiple Vulnerabilities	Nessus	Windows	critical
64723	Firefox < 19.0 Multiple Vulnerabilities	Nessus	Windows	critical
64720	Thunderbird < 17.0.3 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
64719	Firefox 18.x Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
64698	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1729-1)	Nessus	Ubuntu Local Security Checks	critical
6692	Mozilla Thunderbird < 17.0.3 Multiple Vulnerabilities	Nessus Network Monitor	SMTP Clients	high
6691	Mozilla Firefox < 19.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high

CVE-2013-0777

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins