CVE-2013-0801

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html

http://rhn.redhat.com/errata/RHSA-2013-0820.html

http://rhn.redhat.com/errata/RHSA-2013-0821.html

http://www.debian.org/security/2013/dsa-2699

http://www.mandriva.com/security/advisories?name=MDVSA-2013:165

http://www.mozilla.org/security/announce/2013/mfsa2013-41.html

http://www.securityfocus.com/bid/59855

http://www.ubuntu.com/usn/USN-1822-1

http://www.ubuntu.com/usn/USN-1823-1

https://bugzilla.mozilla.org/show_bug.cgi?id=787283

https://bugzilla.mozilla.org/show_bug.cgi?id=808402

https://bugzilla.mozilla.org/show_bug.cgi?id=849597

https://bugzilla.mozilla.org/show_bug.cgi?id=852315

https://bugzilla.mozilla.org/show_bug.cgi?id=864558

https://bugzilla.mozilla.org/show_bug.cgi?id=866544

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17062

Details

Source: MITRE

Published: 2013-05-16

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (30 total)

IDNameProductFamilySeverity
75014openSUSE Security Update : xulrunner (openSUSE-SU-2013:0929-1)NessusSuSE Local Security Checks
critical
75013openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2013:0894-1)NessusSuSE Local Security Checks
critical
75009openSUSE Security Update : MozillaFirefox (openSUSE-SU-2013:0946-1)NessusSuSE Local Security Checks
critical
70183GLSA-201309-23 : Mozilla Products: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
68949SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 8001)NessusSuSE Local Security Checks
critical
68821Oracle Linux 6 : thunderbird (ELSA-2013-0821)NessusOracle Linux Local Security Checks
critical
68820Oracle Linux 5 / 6 : firefox (ELSA-2013-0820)NessusOracle Linux Local Security Checks
critical
67201Debian DSA-2720-1 : icedove - several vulnerabilitiesNessusDebian Local Security Checks
critical
66766Debian DSA-2699-1 : iceweasel - several vulnerabilitiesNessusDebian Local Security Checks
critical
801267Mozilla Firefox 20.x <= 20 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
medium
6828Mozilla Firefox < 21.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
66482Mozilla Thunderbird ESR 17.x < 17.0.6 Multiple VulnerabilitiesNessusWindows
critical
66481Mozilla Thunderbird 17.x < 17.0.5 Multiple VulnerabilitiesNessusWindows
critical
66480Firefox < 21.0 Multiple VulnerabilitiesNessusWindows
critical
66479Firefox ESR 17.x < 17.0.6 Multiple VulnerabilitiesNessusWindows
critical
66478Thunderbird ESR 17.x < 17.0.6 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
66477Thunderbird 17.x < 17.0.6 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
66476Firefox < 21.0 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
66475Firefox ESR 17.x < 17.0.6 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
66461Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20130514)NessusScientific Linux Local Security Checks
critical
66460Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130514)NessusScientific Linux Local Security Checks
critical
66455FreeBSD : mozilla -- multiple vulnerabilities (4a1ca8a4-bd82-11e2-b7a0-d43d7e0c7c02)NessusFreeBSD Local Security Checks
critical
801314Mozilla Thunderbird 17.x < 17.0.6 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
6822Mozilla Thunderbird 17.x < 17.0.6 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
high
66443Ubuntu 12.04 LTS / 12.10 / 13.04 : thunderbird vulnerabilities (USN-1823-1)NessusUbuntu Local Security Checks
critical
66442Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox vulnerabilities (USN-1822-1)NessusUbuntu Local Security Checks
critical
66438RHEL 5 / 6 : thunderbird (RHSA-2013:0821)NessusRed Hat Local Security Checks
critical
66437RHEL 5 / 6 : firefox (RHSA-2013:0820)NessusRed Hat Local Security Checks
critical
66430CentOS 5 / 6 : thunderbird (CESA-2013:0821)NessusCentOS Local Security Checks
critical
66429CentOS 5 / 6 : firefox (CESA-2013:0820)NessusCentOS Local Security Checks
critical