Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-0766

Опубликовано: 08 янв. 2013
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5thunderbirdAffected
Red Hat Enterprise Linux 5thunderbirdFixedRHSA-2013:014508.01.2013
Red Hat Enterprise Linux 5firefoxFixedRHSA-2013:014408.01.2013
Red Hat Enterprise Linux 5xulrunnerFixedRHSA-2013:014408.01.2013
Red Hat Enterprise Linux 6firefoxFixedRHSA-2013:014408.01.2013
Red Hat Enterprise Linux 6xulrunnerFixedRHSA-2013:014408.01.2013
Red Hat Enterprise Linux 6thunderbirdFixedRHSA-2013:014508.01.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-416
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=891821Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)

EPSS

Процентиль: 86%
0.02851
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-0766

ubuntu
почти 13 лет назад

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

nvd логотип

CVE-2013-0766

nvd
почти 13 лет назад

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

debian логотип

CVE-2013-0766

debian
почти 13 лет назад

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in ...

github логотип

GHSA-ch2j-4j2j-86w9

github
больше 3 лет назад

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

oracle-oval логотип

ELSA-2013-0145

oracle-oval
почти 13 лет назад

ELSA-2013-0145: thunderbird security update (CRITICAL)

EPSS

Процентиль: 86%
0.02851
Низкий

6.8 Medium

CVSS2