CVE-2013-1682

Mozilla Firefox < 21.0 and Thunderbird < 17.0.6 - Remote Code Execution

Title source: llm
STIX 2.1

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References (19)

Core 19
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0982.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0981.html
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=840098
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1890-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1891-1
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=830389
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=862309
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=867482
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17392
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2013/dsa-2716
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2013/dsa-2720
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60765

Scores

EPSS 0.0540
EPSS Percentile 91.8%

Details

Status published
Products (27)
mozilla/firefox 19.0
mozilla/firefox 19.0.1
mozilla/firefox 19.0.2
mozilla/firefox 20.0
mozilla/firefox 20.0.1
mozilla/firefox 17.0
mozilla/firefox 17.0.1
mozilla/firefox 17.0.2
mozilla/firefox 17.0.3
mozilla/firefox 17.0.4
... and 17 more
Published Jun 26, 2013
Tracked Since Feb 18, 2026