CVE-2013-0787

Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
𝑥
≤ 19.0.1
mozillafirefox
19.0
mozillafirefox
17.0
mozillafirefox
17.0.1
mozillafirefox
17.0.2
mozillafirefox
17.0.3
mozillathunderbird
𝑥
≤ 17.0.3
mozillathunderbird
17.0
mozillathunderbird
17.0.1
mozillathunderbird
17.0.2
mozillathunderbird_esr
17.0
mozillathunderbird_esr
17.0.1
mozillathunderbird_esr
17.0.2
mozillathunderbird_esr
17.0.3
mozillaseamonkey
𝑥
≤ 2.16
mozillaseamonkey
2.16:beta1
mozillaseamonkey
2.16:beta2
mozillaseamonkey
2.16:beta3
mozillaseamonkey
2.16:beta4
mozillaseamonkey
2.16:beta5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
hardy
ignored
lucid
Fixed 19.0.2+build1-0ubuntu0.10.04.1
released
oneiric
Fixed 19.0.2+build1-0ubuntu0.11.10.1
released
precise
Fixed 19.0.2+build1-0ubuntu0.12.04.1
released
quantal
Fixed 19.0.2+build1-0ubuntu0.12.10.1
released
raring
Fixed 19.0.2+build1-0ubuntu1
released
saucy
Fixed 19.0.2+build1-0ubuntu1
released
seamonkey
hardy
ignored
lucid
ignored
oneiric
ignored
precise
dne
quantal
dne
raring
dne
saucy
dne
thunderbird
hardy
ignored
lucid
Fixed 17.0.4+build1-0ubuntu0.10.04.1
released
oneiric
Fixed 17.0.4+build1-0ubuntu0.11.10.1
released
precise
Fixed 17.0.4+build1-0ubuntu0.12.04.1
released
quantal
Fixed 17.0.4+build1-0ubuntu0.12.10.1
released
raring
Fixed 17.0.4+build1-0ubuntu1
released
saucy
Fixed 17.0.4+build1-0ubuntu1
released
xulrunner-1.9.2
hardy
ignored
lucid
ignored
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
xulrunner-2.0
hardy
dne
lucid
dne
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
MozillaFirefox
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 12 SP5
68.1.0-109.92.1
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 12 SP5
68.1.0-109.92.1
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaFirefox-devel
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaFirefox-translations-common
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 12 SP5
68.1.0-109.92.1
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 12 SP5
68.1.0-109.92.1
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaFirefox-translations-other
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaThunderbird
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise desktop 15 SP1
60.6.1-3.28.1
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise sap 15 SP1
60.6.1-3.28.1
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise server 15 SP1
60.6.1-3.28.1
fixed
suse enterprise workstation 15
52.8-1.2
fixed
suse enterprise workstation 15 SP1
60.6.1-3.28.1
fixed
MozillaThunderbird-devel
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise workstation 15
52.8-1.2
fixed
MozillaThunderbird-translations-common
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise desktop 15 SP1
60.6.1-3.28.1
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise sap 15 SP1
60.6.1-3.28.1
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise server 15 SP1
60.6.1-3.28.1
fixed
suse enterprise workstation 15
52.8-1.2
fixed
suse enterprise workstation 15 SP1
60.6.1-3.28.1
fixed
MozillaThunderbird-translations-other
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise desktop 15 SP1
60.6.1-3.28.1
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise sap 15 SP1
60.6.1-3.28.1
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise server 15 SP1
60.6.1-3.28.1
fixed
suse enterprise workstation 15
52.8-1.2
fixed
suse enterprise workstation 15 SP1
60.6.1-3.28.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
thunderbird
RHEL 6
0:17.0.3-2.el6_4
fixed
xulrunner
RHEL 6
0:17.0.3-2.el6_4
fixed
xulrunner-devel
RHEL 6
0:17.0.3-2.el6_4
fixed
Common Weakness Enumeration
References
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00028.html
http://rhn.redhat.com/errata/RHSA-2013-0614.html
http://rhn.redhat.com/errata/RHSA-2013-0627.html
http://twitter.com/VUPEN/statuses/309505403631325184
http://twitter.com/thezdi/statuses/309484730506698752
http://www.debian.org/security/2013/dsa-2699
http://www.mozilla.org/security/announce/2013/mfsa2013-29.html
http://www.securityfocus.com/bid/58391
http://www.ubuntu.com/usn/USN-1758-1
https://bugzilla.mozilla.org/show_bug.cgi?id=848644
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16737
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00028.html
http://rhn.redhat.com/errata/RHSA-2013-0614.html
http://rhn.redhat.com/errata/RHSA-2013-0627.html
http://twitter.com/VUPEN/statuses/309505403631325184
http://twitter.com/thezdi/statuses/309484730506698752
http://www.debian.org/security/2013/dsa-2699
http://www.mozilla.org/security/announce/2013/mfsa2013-29.html
http://www.securityfocus.com/bid/58391
http://www.ubuntu.com/usn/USN-1758-1
https://bugzilla.mozilla.org/show_bug.cgi?id=848644
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16737