CVE-2013-5596

The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mozillaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
mozillathunderbird
𝑥
≤ 24.0.1
mozillathunderbird
17.0
mozillathunderbird
17.0.1
mozillathunderbird
17.0.2
mozillathunderbird
17.0.3
mozillathunderbird
17.0.4
mozillathunderbird
17.0.5
mozillathunderbird
17.0.6
mozillathunderbird
17.0.7
mozillathunderbird
17.0.8
mozillathunderbird
24.0
mozillathunderbird_esr
17.0.9
mozillafirefox
24.0
mozillafirefox_esr
24.0.1
mozillafirefox_esr
24.0.2
mozillafirefox
𝑥
≤ 24.0
mozillafirefox
19.0
mozillafirefox
19.0.1
mozillafirefox
19.0.2
mozillafirefox
20.0
mozillafirefox
20.0.1
mozillafirefox
21.0
mozillafirefox
22.0
mozillafirefox
23.0
mozillafirefox
23.0.1
mozillaseamonkey
𝑥
≤ 2.22
mozillaseamonkey
2.0
mozillaseamonkey
2.0:alpha_1
mozillaseamonkey
2.0:alpha_2
mozillaseamonkey
2.0:alpha_3
mozillaseamonkey
2.0:beta_1
mozillaseamonkey
2.0:beta_2
mozillaseamonkey
2.0:rc1
mozillaseamonkey
2.0:rc2
mozillaseamonkey
2.0.1
mozillaseamonkey
2.0.2
mozillaseamonkey
2.0.3
mozillaseamonkey
2.0.4
mozillaseamonkey
2.0.5
mozillaseamonkey
2.0.6
mozillaseamonkey
2.0.7
mozillaseamonkey
2.0.8
mozillaseamonkey
2.0.9
mozillaseamonkey
2.0.10
mozillaseamonkey
2.0.11
mozillaseamonkey
2.0.12
mozillaseamonkey
2.0.13
mozillaseamonkey
2.0.14
mozillaseamonkey
2.1
mozillaseamonkey
2.1:alpha1
mozillaseamonkey
2.1:alpha2
mozillaseamonkey
2.1:alpha3
mozillaseamonkey
2.1:beta1
mozillaseamonkey
2.1:beta2
mozillaseamonkey
2.1:beta3
mozillaseamonkey
2.1:rc1
mozillaseamonkey
2.1:rc2
mozillaseamonkey
2.10
mozillaseamonkey
2.10:beta1
mozillaseamonkey
2.10:beta2
mozillaseamonkey
2.10:beta3
mozillaseamonkey
2.10.1
mozillaseamonkey
2.11
mozillaseamonkey
2.11:beta1
mozillaseamonkey
2.11:beta2
mozillaseamonkey
2.11:beta3
mozillaseamonkey
2.11:beta4
mozillaseamonkey
2.11:beta5
mozillaseamonkey
2.11:beta6
mozillaseamonkey
2.12
mozillaseamonkey
2.12:beta1
mozillaseamonkey
2.12:beta2
mozillaseamonkey
2.12:beta3
mozillaseamonkey
2.12:beta4
mozillaseamonkey
2.12:beta5
mozillaseamonkey
2.12:beta6
mozillaseamonkey
2.12.1
mozillaseamonkey
2.13
mozillaseamonkey
2.13:beta1
mozillaseamonkey
2.13:beta2
mozillaseamonkey
2.13:beta3
mozillaseamonkey
2.13:beta4
mozillaseamonkey
2.13:beta5
mozillaseamonkey
2.13:beta6
mozillaseamonkey
2.13.1
mozillaseamonkey
2.13.2
mozillaseamonkey
2.14
mozillaseamonkey
2.14:beta1
mozillaseamonkey
2.14:beta2
mozillaseamonkey
2.14:beta3
mozillaseamonkey
2.14:beta4
mozillaseamonkey
2.14:beta5
mozillaseamonkey
2.15
mozillaseamonkey
2.15:beta1
mozillaseamonkey
2.15:beta2
mozillaseamonkey
2.15:beta3
mozillaseamonkey
2.15:beta4
mozillaseamonkey
2.15:beta5
mozillaseamonkey
2.15:beta6
mozillaseamonkey
2.15.1
mozillaseamonkey
2.15.2
mozillaseamonkey
2.16
mozillaseamonkey
2.16:beta1
mozillaseamonkey
2.16:beta2
mozillaseamonkey
2.16:beta3
mozillaseamonkey
2.16:beta4
mozillaseamonkey
2.16:beta5
mozillaseamonkey
2.16.1
mozillaseamonkey
2.16.2
mozillaseamonkey
2.17
mozillaseamonkey
2.17:beta1
mozillaseamonkey
2.17:beta2
mozillaseamonkey
2.17:beta3
mozillaseamonkey
2.17:beta4
mozillaseamonkey
2.17.1
mozillaseamonkey
2.18:beta1
mozillaseamonkey
2.18:beta2
mozillaseamonkey
2.18:beta3
mozillaseamonkey
2.18:beta4
mozillaseamonkey
2.19
mozillaseamonkey
2.19:beta1
mozillaseamonkey
2.19:beta2
mozillaseamonkey
2.20
mozillaseamonkey
2.20:beta1
mozillaseamonkey
2.20:beta2
mozillaseamonkey
2.20:beta3
mozillaseamonkey
2.21:beta1
mozillaseamonkey
2.21:beta2
mozillaseamonkey
2.22:beta1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
saucy
Fixed 25.0+build3-0ubuntu0.13.10.1
released
raring
Fixed 25.0+build3-0ubuntu0.13.04.1
released
quantal
Fixed 25.0+build3-0ubuntu0.12.10.1
released
precise
Fixed 25.0+build3-0ubuntu0.12.04.1
released
lucid
ignored
thunderbird
saucy
Fixed 1:24.1.0+build1-0ubuntu0.13.10.1
released
raring
Fixed 1:24.1.0+build1-0ubuntu0.13.04.1
released
quantal
Fixed 1:24.1.0+build1-0ubuntu0.12.10.1
released
precise
Fixed 1:24.1.0+build1-0ubuntu0.12.04.1
released
lucid
ignored
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html
http://www.mozilla.org/security/announce/2013/mfsa2013-97.html
https://bugzilla.mozilla.org/show_bug.cgi?id=910881
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19066
https://security.gentoo.org/glsa/201504-01
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html
http://www.mozilla.org/security/announce/2013/mfsa2013-97.html
https://bugzilla.mozilla.org/show_bug.cgi?id=910881
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19066
https://security.gentoo.org/glsa/201504-01