PT-2013-3323 · Mozilla+1 · Firefox+1

Published

2013-06-26

Updated

2024-12-12

CVE-2013-1688

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 22.0

Description The issue allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site, due to the Profiler implementation parsing untrusted data during UI rendering.

Recommendations For versions prior to 22.0, update to version 22.0 or later to resolve the issue.

Exploit

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2013-1688

OPENSUSE-SU-2013_1140-1

OPENSUSE-SU-2013_1142-1

OPENSUSE-SU-2013_1176-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:14572-1

Affected Products

Firefox

Suse

PT-2013-3323 · Mozilla+1 · Firefox+1

CVE-2013-1688

Weakness Enumeration

Related Identifiers

Affected Products

References · 2087