CVE-2013-0788

HIGH

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html

http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html

http://rhn.redhat.com/errata/RHSA-2013-0696.html

http://rhn.redhat.com/errata/RHSA-2013-0697.html

http://www.debian.org/security/2013/dsa-2699

http://www.mozilla.org/security/announce/2013/mfsa2013-30.html

http://www.ubuntu.com/usn/USN-1791-1

https://bugzilla.mozilla.org/show_bug.cgi?id=635852

https://bugzilla.mozilla.org/show_bug.cgi?id=771942

https://bugzilla.mozilla.org/show_bug.cgi?id=784730

https://bugzilla.mozilla.org/show_bug.cgi?id=813442

https://bugzilla.mozilla.org/show_bug.cgi?id=827870

https://bugzilla.mozilla.org/show_bug.cgi?id=834240

https://bugzilla.mozilla.org/show_bug.cgi?id=839621

https://bugzilla.mozilla.org/show_bug.cgi?id=840263

https://bugzilla.mozilla.org/show_bug.cgi?id=840353

https://bugzilla.mozilla.org/show_bug.cgi?id=852923

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16629

Details

Source: MITRE

Published: 2013-04-03

Updated: 2017-09-19

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to 19.0.2 (inclusive)

Configuration 2

OR

cpe:2.3:a:mozilla:firefox_esr:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:17.0.4:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.7.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.8:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.8:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.8:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.8:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.8:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.8:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.9:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.9:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.9:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.9:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.9.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.10:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.10:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.10:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.10.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.11:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.11:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.11:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.11:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.11:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.11:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.12.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.13.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.14:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.14:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.14:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.14:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.14:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.15.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.16.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.17:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.17:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.17:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:*:beta4:*:*:*:*:*:* versions up to 2.17 (inclusive)

Tenable Plugins

View all (39 total)

IDNameProductFamilySeverity
83585SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2013:0850-1)NessusSuSE Local Security Checks
critical
75081openSUSE Security Update : seamonkey (openSUSE-SU-2013:1180-1)NessusSuSE Local Security Checks
critical
74988openSUSE Security Update : seamonkey (openSUSE-SU-2013:0875-1)NessusSuSE Local Security Checks
critical
74965openSUSE Security Update : Mozilla Firefox and others (openSUSE-SU-2013:0630-1)NessusSuSE Local Security Checks
critical
70183GLSA-201309-23 : Mozilla Products: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
68949SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 8001)NessusSuSE Local Security Checks
critical
68802Oracle Linux 6 : thunderbird (ELSA-2013-0697)NessusOracle Linux Local Security Checks
critical
68801Oracle Linux 5 / 6 : firefox (ELSA-2013-0696)NessusOracle Linux Local Security Checks
critical
66766Debian DSA-2699-1 : iceweasel - several vulnerabilitiesNessusDebian Local Security Checks
critical
66668SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8578)NessusSuSE Local Security Checks
critical
66667SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7741)NessusSuSE Local Security Checks
critical
66666SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7741)NessusSuSE Local Security Checks
critical
65867Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1791-1)NessusUbuntu Local Security Checks
critical
65866SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8537)NessusSuSE Local Security Checks
critical
65865SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7599)NessusSuSE Local Security Checks
critical
65847FreeBSD : mozilla -- multiple vulnerabilities (94976433-9c74-11e2-a9fc-d43d7e0c7c02)NessusFreeBSD Local Security Checks
critical
65817Ubuntu 12.10 : unity-firefox-extension update (USN-1786-2)NessusUbuntu Local Security Checks
critical
65816Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1786-1)NessusUbuntu Local Security Checks
critical
801250Mozilla Thunderbird < 17.0.5 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
801242Mozilla Firefox < 20.0 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
801224Mozilla SeaMonkey < 2.17 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
6736Mozilla Thunderbird < 17.0.5 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
critical
6735SeaMonkey < 2.17 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
6734Mozilla Firefox < 20.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
65809SeaMonkey < 2.17 Multiple VulnerabilitiesNessusWindows
critical
65808Mozilla Thunderbird ESR 17.x < 17.0.5 Multiple VulnerabilitiesNessusWindows
critical
65807Mozilla Thunderbird < 17.0.5 Multiple VulnerabilitiesNessusWindows
critical
65806Firefox < 20 Multiple VulnerabilitiesNessusWindows
critical
65805Firefox ESR 17.x < 17.0.5 Multiple VulnerabilitiesNessusWindows
critical
65804Thunderbird ESR 17.x < 17.0.5 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
65803Thunderbird < 17.0.5 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
65802Firefox < 20 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
65801Firefox ESR 17.x < 17.0.5 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
65783Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20130402)NessusScientific Linux Local Security Checks
critical
65782Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130402)NessusScientific Linux Local Security Checks
critical
65781RHEL 5 / 6 : thunderbird (RHSA-2013:0697)NessusRed Hat Local Security Checks
critical
65780RHEL 5 / 6 : firefox (RHSA-2013:0696)NessusRed Hat Local Security Checks
critical
65771CentOS 5 / 6 : thunderbird (CESA-2013:0697)NessusCentOS Local Security Checks
critical
65770CentOS 5 / 6 : firefox / xulrunner (CESA-2013:0696)NessusCentOS Local Security Checks
critical