CVE-2013-1706

EUVD-2013-1733
Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
17.0
mozillafirefox
17.0.1
mozillafirefox
17.0.2
mozillafirefox
17.0.3
mozillafirefox
17.0.4
mozillafirefox
17.0.5
mozillafirefox
17.0.6
mozillafirefox
17.0.7
mozillathunderbird
𝑥
≤ 17.0.7
mozillathunderbird
17.0
mozillathunderbird
17.0.1
mozillathunderbird
17.0.2
mozillathunderbird
17.0.3
mozillathunderbird
17.0.4
mozillathunderbird
17.0.5
mozillathunderbird
17.0.6
mozillathunderbird_esr
17.0
mozillathunderbird_esr
17.0.1
mozillathunderbird_esr
17.0.2
mozillathunderbird_esr
17.0.3
mozillathunderbird_esr
17.0.4
mozillathunderbird_esr
17.0.5
mozillathunderbird_esr
17.0.6
mozillathunderbird_esr
17.0.7
mozillafirefox
𝑥
≤ 22.0
mozillafirefox
19.0
mozillafirefox
19.0.1
mozillafirefox
19.0.2
mozillafirefox
20.0
mozillafirefox
20.0.1
mozillafirefox
21.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.mozilla.org/security/announce/2013/mfsa2013-66.html
https://bugzilla.mozilla.org/show_bug.cgi?id=888361
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18930
http://www.mozilla.org/security/announce/2013/mfsa2013-66.html
https://bugzilla.mozilla.org/show_bug.cgi?id=888361
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18930