CVE-2013-1711
07.08.2013, 01:55
The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 𝑥 ≤ 2.20 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.0:alpha_1 |
| mozilla | seamonkey | 2.0:alpha_2 |
| mozilla | seamonkey | 2.0:alpha_3 |
| mozilla | seamonkey | 2.0:beta_1 |
| mozilla | seamonkey | 2.0:beta_2 |
| mozilla | seamonkey | 2.0:rc1 |
| mozilla | seamonkey | 2.0:rc2 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.1:alpha1 |
| mozilla | seamonkey | 2.1:alpha2 |
| mozilla | seamonkey | 2.1:alpha3 |
| mozilla | seamonkey | 2.1:beta1 |
| mozilla | seamonkey | 2.1:beta2 |
| mozilla | seamonkey | 2.1:beta3 |
| mozilla | seamonkey | 2.1:rc1 |
| mozilla | seamonkey | 2.1:rc2 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 2.2:beta1 |
| mozilla | seamonkey | 2.2:beta2 |
| mozilla | seamonkey | 2.2:beta3 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3:beta1 |
| mozilla | seamonkey | 2.3:beta2 |
| mozilla | seamonkey | 2.3:beta3 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.4:beta1 |
| mozilla | seamonkey | 2.4:beta2 |
| mozilla | seamonkey | 2.4:beta3 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.5:beta1 |
| mozilla | seamonkey | 2.5:beta2 |
| mozilla | seamonkey | 2.5:beta3 |
| mozilla | seamonkey | 2.5:beta4 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.6:beta1 |
| mozilla | seamonkey | 2.6:beta2 |
| mozilla | seamonkey | 2.6:beta3 |
| mozilla | seamonkey | 2.6:beta4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.7:beta1 |
| mozilla | seamonkey | 2.7:beta2 |
| mozilla | seamonkey | 2.7:beta3 |
| mozilla | seamonkey | 2.7:beta4 |
| mozilla | seamonkey | 2.7:beta5 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.8:beta1 |
| mozilla | seamonkey | 2.8:beta2 |
| mozilla | seamonkey | 2.8:beta3 |
| mozilla | seamonkey | 2.8:beta4 |
| mozilla | seamonkey | 2.8:beta5 |
| mozilla | seamonkey | 2.8:beta6 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | 2.9:beta1 |
| mozilla | seamonkey | 2.9:beta2 |
| mozilla | seamonkey | 2.9:beta3 |
| mozilla | seamonkey | 2.9:beta4 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.10:beta1 |
| mozilla | seamonkey | 2.10:beta2 |
| mozilla | seamonkey | 2.10:beta3 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.11:beta1 |
| mozilla | seamonkey | 2.11:beta2 |
| mozilla | seamonkey | 2.11:beta3 |
| mozilla | seamonkey | 2.11:beta4 |
| mozilla | seamonkey | 2.11:beta5 |
| mozilla | seamonkey | 2.11:beta6 |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.12:beta1 |
| mozilla | seamonkey | 2.12:beta2 |
| mozilla | seamonkey | 2.12:beta3 |
| mozilla | seamonkey | 2.12:beta4 |
| mozilla | seamonkey | 2.12:beta5 |
| mozilla | seamonkey | 2.12:beta6 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.13:beta1 |
| mozilla | seamonkey | 2.13:beta2 |
| mozilla | seamonkey | 2.13:beta3 |
| mozilla | seamonkey | 2.13:beta4 |
| mozilla | seamonkey | 2.13:beta5 |
| mozilla | seamonkey | 2.13:beta6 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.14:beta1 |
| mozilla | seamonkey | 2.14:beta2 |
| mozilla | seamonkey | 2.14:beta3 |
| mozilla | seamonkey | 2.14:beta4 |
| mozilla | seamonkey | 2.14:beta5 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.15:beta1 |
| mozilla | seamonkey | 2.15:beta2 |
| mozilla | seamonkey | 2.15:beta3 |
| mozilla | seamonkey | 2.15:beta4 |
| mozilla | seamonkey | 2.15:beta5 |
| mozilla | seamonkey | 2.15:beta6 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.16:beta1 |
| mozilla | seamonkey | 2.16:beta2 |
| mozilla | seamonkey | 2.16:beta3 |
| mozilla | seamonkey | 2.16:beta4 |
| mozilla | seamonkey | 2.16:beta5 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.17:beta1 |
| mozilla | seamonkey | 2.17:beta2 |
| mozilla | seamonkey | 2.17:beta3 |
| mozilla | seamonkey | 2.17:beta4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | 2.18:beta1 |
| mozilla | seamonkey | 2.18:beta2 |
| mozilla | seamonkey | 2.18:beta3 |
| mozilla | seamonkey | 2.18:beta4 |
| mozilla | seamonkey | 2.19 |
| mozilla | seamonkey | 2.19:beta1 |
| mozilla | seamonkey | 2.19:beta2 |
| mozilla | seamonkey | 2.20:beta1 |
| mozilla | seamonkey | 2.20:beta2 |
| mozilla | firefox | 𝑥 ≤ 22.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 21.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References