CVE-2013-1682
Mozilla: Miscellaneous memory safety hazards (rv:17.0.7) (MFSA 2013-49)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Múltiples vulnerabilidades sin especificar en el motor de navegación de Mozilla Firefox v22.0, Firefox ESR v17.x antes de v17.0.7, thunderbird anterior a v17.0.7 que permite a atacantes remotos causar una denegación del servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores sin especificar.
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Security researcher Abhishek Arya of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free problems rated critical as security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting additional use-after-free and buffer overflow flaws in code introduced during Firefox development. These were fixed before general release. Various other security issues were also addressed. The mozilla firefox packages have been upgraded to the latest ESR version which is unaffected by these security flaws.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-02-13 CVE Reserved
- 2013-06-25 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (21)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/60765 | Vdb Entry | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=830389 | X_refsource_confirm | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=840098 | X_refsource_confirm | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=862309 | X_refsource_confirm | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=867482 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17392 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 21.0 Search vendor "Mozilla" for product "Firefox" and version " <= 21.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 19.0 Search vendor "Mozilla" for product "Firefox" and version "19.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 19.0.1 Search vendor "Mozilla" for product "Firefox" and version "19.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 19.0.2 Search vendor "Mozilla" for product "Firefox" and version "19.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 20.0 Search vendor "Mozilla" for product "Firefox" and version "20.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 20.0.1 Search vendor "Mozilla" for product "Firefox" and version "20.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 17.0 Search vendor "Mozilla" for product "Firefox Esr" and version "17.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 17.0.1 Search vendor "Mozilla" for product "Firefox Esr" and version "17.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 17.0.2 Search vendor "Mozilla" for product "Firefox Esr" and version "17.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 17.0.3 Search vendor "Mozilla" for product "Firefox Esr" and version "17.0.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 17.0.4 Search vendor "Mozilla" for product "Firefox Esr" and version "17.0.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 17.0.5 Search vendor "Mozilla" for product "Firefox Esr" and version "17.0.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | 17.0.6 Search vendor "Mozilla" for product "Firefox Esr" and version "17.0.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | <= 17.0.6 Search vendor "Mozilla" for product "Thunderbird" and version " <= 17.0.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 17.0 Search vendor "Mozilla" for product "Thunderbird" and version "17.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 17.0.1 Search vendor "Mozilla" for product "Thunderbird" and version "17.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 17.0.2 Search vendor "Mozilla" for product "Thunderbird" and version "17.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 17.0.3 Search vendor "Mozilla" for product "Thunderbird" and version "17.0.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 17.0.4 Search vendor "Mozilla" for product "Thunderbird" and version "17.0.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 17.0.5 Search vendor "Mozilla" for product "Thunderbird" and version "17.0.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Esr Search vendor "Mozilla" for product "Thunderbird Esr" | 17.0 Search vendor "Mozilla" for product "Thunderbird Esr" and version "17.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Esr Search vendor "Mozilla" for product "Thunderbird Esr" | 17.0.1 Search vendor "Mozilla" for product "Thunderbird Esr" and version "17.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Esr Search vendor "Mozilla" for product "Thunderbird Esr" | 17.0.2 Search vendor "Mozilla" for product "Thunderbird Esr" and version "17.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Esr Search vendor "Mozilla" for product "Thunderbird Esr" | 17.0.3 Search vendor "Mozilla" for product "Thunderbird Esr" and version "17.0.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Esr Search vendor "Mozilla" for product "Thunderbird Esr" | 17.0.4 Search vendor "Mozilla" for product "Thunderbird Esr" and version "17.0.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Esr Search vendor "Mozilla" for product "Thunderbird Esr" | 17.0.5 Search vendor "Mozilla" for product "Thunderbird Esr" and version "17.0.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Esr Search vendor "Mozilla" for product "Thunderbird Esr" | 17.0.6 Search vendor "Mozilla" for product "Thunderbird Esr" and version "17.0.6" | - |
Affected
| ||||||