CVE-2013-0783

HIGH

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html

http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html

http://rhn.redhat.com/errata/RHSA-2013-0271.html

http://rhn.redhat.com/errata/RHSA-2013-0272.html

http://www.debian.org/security/2013/dsa-2699

http://www.mozilla.org/security/announce/2013/mfsa2013-21.html

http://www.ubuntu.com/usn/USN-1729-1

http://www.ubuntu.com/usn/USN-1729-2

http://www.ubuntu.com/usn/USN-1748-1

https://bugzilla.mozilla.org/show_bug.cgi?id=690970

https://bugzilla.mozilla.org/show_bug.cgi?id=761448

https://bugzilla.mozilla.org/show_bug.cgi?id=780549

https://bugzilla.mozilla.org/show_bug.cgi?id=812380

https://bugzilla.mozilla.org/show_bug.cgi?id=818241

https://bugzilla.mozilla.org/show_bug.cgi?id=822858

https://bugzilla.mozilla.org/show_bug.cgi?id=826471

https://bugzilla.mozilla.org/show_bug.cgi?id=830399

https://bugzilla.mozilla.org/show_bug.cgi?id=830975

https://bugzilla.mozilla.org/show_bug.cgi?id=832162

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16219

Details

Source: MITRE

Published: 2013-02-19

Updated: 2020-08-06

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:redhat:enterprise_linux_aus:5.9:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

Tenable Plugins

View all (32 total)

IDNameProductFamilySeverity
74898openSUSE Security Update : Mozilla (openSUSE-SU-2013:0323-1)NessusSuSE Local Security Checks
critical
70183GLSA-201309-23 : Mozilla Products: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
68733Oracle Linux 6 : thunderbird (ELSA-2013-0272)NessusOracle Linux Local Security Checks
high
68732Oracle Linux 5 / 6 : firefox (ELSA-2013-0271)NessusOracle Linux Local Security Checks
high
66766Debian DSA-2699-1 : iceweasel - several vulnerabilitiesNessusDebian Local Security Checks
critical
65598SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8506)NessusSuSE Local Security Checks
critical
65175SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7447)NessusSuSE Local Security Checks
critical
64967Ubuntu 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1729-2)NessusUbuntu Local Security Checks
critical
64892Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1748-1)NessusUbuntu Local Security Checks
critical
801258Mozilla SeaMonkey < 2.16 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
6693SeaMonkey < 2.16 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
64779Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20130219)NessusScientific Linux Local Security Checks
critical
64777Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130219)NessusScientific Linux Local Security Checks
critical
64729CentOS 5 / 6 : thunderbird (CESA-2013:0272)NessusCentOS Local Security Checks
high
801245Mozilla Thunderbird 17.x < 17.0.3 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
801233Mozilla Firefox 18.x <= 18 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
6692Mozilla Thunderbird < 17.0.3 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
high
6691Mozilla Firefox < 19.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
64726SeaMonkey < 2.16 Multiple VulnerabilitiesNessusWindows
critical
64725Mozilla Thunderbird ESR 17.x < 17.0.3 Multiple VulnerabilitiesNessusWindows
critical
64724Mozilla Thunderbird < 17.0.3 Multiple VulnerabilitiesNessusWindows
critical
64723Firefox < 19.0 Multiple VulnerabilitiesNessusWindows
critical
64722Firefox ESR 17.x < 17.0.3 Multiple VulnerabilitiesNessusWindows
critical
64721Thunderbird ESR 17.x < 17.0.3 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
64720Thunderbird < 17.0.3 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
64719Firefox 18.x Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
64718Firefox ESR 17.x < 17.0.3 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
64698Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1729-1)NessusUbuntu Local Security Checks
critical
64697RHEL 5 / 6 : thunderbird (RHSA-2013:0272)NessusRed Hat Local Security Checks
high
64696RHEL 5 / 6 : firefox (RHSA-2013:0271)NessusRed Hat Local Security Checks
high
64693FreeBSD : mozilla -- multiple vulnerabilities (e3f0374a-7ad6-11e2-84cd-d43d7e0c7c02)NessusFreeBSD Local Security Checks
high
64692CentOS 5 / 6 : devhelp / firefox / libproxy / xulrunner / yelp (CESA-2013:0271)NessusCentOS Local Security Checks
high