CVE-2013-1682

HIGH

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html

http://rhn.redhat.com/errata/RHSA-2013-0981.html

http://rhn.redhat.com/errata/RHSA-2013-0982.html

http://www.debian.org/security/2013/dsa-2716

http://www.debian.org/security/2013/dsa-2720

http://www.mozilla.org/security/announce/2013/mfsa2013-49.html

http://www.securityfocus.com/bid/60765

http://www.ubuntu.com/usn/USN-1890-1

http://www.ubuntu.com/usn/USN-1891-1

https://bugzilla.mozilla.org/show_bug.cgi?id=830389

https://bugzilla.mozilla.org/show_bug.cgi?id=840098

https://bugzilla.mozilla.org/show_bug.cgi?id=862309

https://bugzilla.mozilla.org/show_bug.cgi?id=867482

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17392

Details

Source: MITRE

Published: 2013-06-26

Updated: 2017-09-19

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

ID	Name	Product	Family	Severity
75081	openSUSE Security Update : seamonkey (openSUSE-SU-2013:1180-1)	Nessus	SuSE Local Security Checks	critical
75073	openSUSE Security Update : MozillaFirefox (openSUSE-SU-2013:1142-1)	Nessus	SuSE Local Security Checks	critical
75072	openSUSE Security Update : xulrunner (openSUSE-SU-2013:1143-1)	Nessus	SuSE Local Security Checks	critical
75071	openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2013:1141-1)	Nessus	SuSE Local Security Checks	critical
70183	GLSA-201309-23 : Mozilla Products: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
68949	SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 8001)	Nessus	SuSE Local Security Checks	critical
68840	Oracle Linux 6 : thunderbird (ELSA-2013-0982)	Nessus	Oracle Linux Local Security Checks	critical
68839	Oracle Linux 5 / 6 : firefox (ELSA-2013-0981)	Nessus	Oracle Linux Local Security Checks	critical
67201	Debian DSA-2720-1 : icedove - several vulnerabilities	Nessus	Debian Local Security Checks	critical
67198	SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8636)	Nessus	SuSE Local Security Checks	critical
67195	SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7976)	Nessus	SuSE Local Security Checks	critical
67186	Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox regression (USN-1890-2)	Nessus	Ubuntu Local Security Checks	critical
67101	Debian DSA-2716-1 : iceweasel - several vulnerabilities	Nessus	Debian Local Security Checks	critical
801326	Mozilla Thunderbird < 17.0.7 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
6894	Mozilla Thunderbird < 17.0.7 Multiple Vulnerabilities	Nessus Network Monitor	SMTP Clients	high
67001	Ubuntu 12.04 LTS / 12.10 / 13.04 : thunderbird vulnerabilities (USN-1891-1)	Nessus	Ubuntu Local Security Checks	critical
67000	Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox vulnerabilities (USN-1890-1)	Nessus	Ubuntu Local Security Checks	critical
66999	FreeBSD : mozilla -- multiple vulnerabilities (b3fcb387-de4b-11e2-b1c6-0025905a4771)	Nessus	FreeBSD Local Security Checks	critical
66997	CentOS 5 / 6 : thunderbird (CESA-2013:0982)	Nessus	CentOS Local Security Checks	critical
66996	CentOS 5 / 6 : firefox / xulrunner (CESA-2013:0981)	Nessus	CentOS Local Security Checks	critical
801353	Mozilla Firefox < 22.0 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
66995	Mozilla Thunderbird ESR 17.x < 17.0.7 Multiple Vulnerabilities	Nessus	Windows	critical
66994	Mozilla Thunderbird < 17.0.7 Multiple Vulnerabilities	Nessus	Windows	critical
66993	Firefox < 22.0 Multiple Vulnerabilities	Nessus	Windows	critical
66992	Firefox ESR 17.x < 17.0.7 Multiple Vulnerabilities	Nessus	Windows	critical
66991	Thunderbird ESR 17.x < 17.0.7 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
66990	Thunderbird < 17.0.7 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
66989	Firefox < 22.0 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
66988	Firefox ESR 17.x < 17.0.7 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	critical
66984	Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
66983	Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
66980	RHEL 5 / 6 : thunderbird (RHSA-2013:0982)	Nessus	Red Hat Local Security Checks	critical
66979	RHEL 5 / 6 : firefox (RHSA-2013:0981)	Nessus	Red Hat Local Security Checks	critical
6886	Mozilla Firefox < 22.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	critical