CVE-2013-0801

EUVD-2013-0812
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
𝑥
≤ 20.0.1
mozillafirefox
19.0
mozillafirefox
19.0.1
mozillafirefox
19.0.2
mozillafirefox
20.0
mozillafirefox
17.0
mozillafirefox
17.0.1
mozillafirefox
17.0.2
mozillafirefox
17.0.3
mozillafirefox
17.0.4
mozillafirefox
17.0.5
mozillathunderbird
𝑥
≤ 17.0.5
mozillathunderbird
17.0
mozillathunderbird
17.0.1
mozillathunderbird
17.0.2
mozillathunderbird
17.0.3
mozillathunderbird
17.0.4
mozillathunderbird_esr
17.0
mozillathunderbird_esr
17.0.1
mozillathunderbird_esr
17.0.2
mozillathunderbird_esr
17.0.3
mozillathunderbird_esr
17.0.4
mozillathunderbird_esr
17.0.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
lucid
ignored
precise
Fixed 21.0+build1-0ubuntu0.12.04.3
released
quantal
Fixed 21.0+build1-0ubuntu0.12.10.2
released
raring
Fixed 21.0+build1-0ubuntu0.12.04.2
released
seamonkey
lucid
ignored
precise
dne
quantal
dne
raring
dne
thunderbird
lucid
ignored
precise
Fixed 17.0.6+build1-0ubuntu0.12.04.1
released
quantal
Fixed 17.0.6+build1-0ubuntu0.12.10.1
released
raring
Fixed 17.0.6+build1-0ubuntu0.13.04.1
released
xulrunner-1.9.2
lucid
ignored
precise
dne
quantal
dne
raring
dne
References
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html
http://rhn.redhat.com/errata/RHSA-2013-0820.html
http://rhn.redhat.com/errata/RHSA-2013-0821.html
http://www.debian.org/security/2013/dsa-2699
http://www.mandriva.com/security/advisories?name=MDVSA-2013:165
http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
http://www.securityfocus.com/bid/59855
http://www.ubuntu.com/usn/USN-1822-1
http://www.ubuntu.com/usn/USN-1823-1
https://bugzilla.mozilla.org/show_bug.cgi?id=787283
https://bugzilla.mozilla.org/show_bug.cgi?id=808402
https://bugzilla.mozilla.org/show_bug.cgi?id=849597
https://bugzilla.mozilla.org/show_bug.cgi?id=852315
https://bugzilla.mozilla.org/show_bug.cgi?id=864558
https://bugzilla.mozilla.org/show_bug.cgi?id=866544
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17062
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html
http://rhn.redhat.com/errata/RHSA-2013-0820.html
http://rhn.redhat.com/errata/RHSA-2013-0821.html
http://www.debian.org/security/2013/dsa-2699
http://www.mandriva.com/security/advisories?name=MDVSA-2013:165
http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
http://www.securityfocus.com/bid/59855
http://www.ubuntu.com/usn/USN-1822-1
http://www.ubuntu.com/usn/USN-1823-1
https://bugzilla.mozilla.org/show_bug.cgi?id=787283
https://bugzilla.mozilla.org/show_bug.cgi?id=808402
https://bugzilla.mozilla.org/show_bug.cgi?id=849597
https://bugzilla.mozilla.org/show_bug.cgi?id=852315
https://bugzilla.mozilla.org/show_bug.cgi?id=864558
https://bugzilla.mozilla.org/show_bug.cgi?id=866544
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17062