PT-2013-2602 · Mozilla+3 · Firefox+7

Nils

Publicado

2013-02-19

Atualizado

2024-12-12

CVE-2013-0775

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 19.0 Firefox ESR versions prior to 17.0.3 Thunderbird versions prior to 17.0.3 Thunderbird ESR versions prior to 17.0.3 SeaMonkey versions prior to 2.16

Description The issue allows remote attackers to execute arbitrary code via crafted web script, specifically due to a use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function.

Recommendations For Mozilla Firefox versions prior to 19.0, update to version 19.0 or later. For Firefox ESR versions prior to 17.0.3, update to version 17.0.3 or later. For Thunderbird versions prior to 17.0.3, update to version 17.0.3 or later. For Thunderbird ESR versions prior to 17.0.3, update to version 17.0.3 or later. For SeaMonkey versions prior to 2.16, update to version 2.16 or later.

Exploit

Correção

RCE

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

CESA-2013_0271

CESA-2013_0272

CVE-2013-0775

DSA-2699-1

OPENSUSE-SU-2013_0323-1

OPENSUSE-SU-2014_1100-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:10230-1

OPENSUSE-SU-2024:14572-1

RHSA-2013:0271

RHSA-2013:0272

RHSA-2013_0271

RHSA-2013_0272

Produtos afetados

Centos

Firefox Esr

Firefox

Red Hat

Seamonkey

Suse

Thunderbird

Thunderbird Esr

PT-2013-2602 · Mozilla+3 · Firefox+7

CVE-2013-0775

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3133