Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-1737

Опубликовано: 18 сент. 2013
Источник: debian

Описание

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
iceweaselfixed24.0-1package
iceweaselend-of-lifesqueezepackage
icedovefixed17.0.9-1package
icedoveend-of-lifesqueezepackage

Связанные уязвимости

ubuntu логотип

CVE-2013-1737

ubuntu
почти 12 лет назад

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.

redhat логотип

CVE-2013-1737

redhat
почти 12 лет назад

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.

nvd логотип

CVE-2013-1737

nvd
почти 12 лет назад

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.

github логотип

GHSA-cmgg-ggj8-p45q

github
больше 3 лет назад

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.

oracle-oval логотип

ELSA-2013-1269

oracle-oval
почти 12 лет назад

ELSA-2013-1269: thunderbird security update (IMPORTANT)