CVE-2013-5613
11.12.2013, 15:55
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 26.0 |
| mozilla | firefox_esr | 24.0 ≤ 𝑥 < 24.2 |
| mozilla | seamonkey | 𝑥 < 2.23 |
| mozilla | thunderbird | 𝑥 < 24.2 |
| suse | suse_linux_enterprise_software_development_kit | 11.0:sp3 |
| opensuse | opensuse | 12.2 |
| opensuse | opensuse | 12.3 |
| opensuse | opensuse | 13.1 |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_server_tus | 6.5 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||
| thunderbird |
|
Common Weakness Enumeration
References