// For flags

CVE-2013-5592

Ubuntu Security Notice USN-2009-1

Severity Score

8.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Múltiples vulnerabilidades sin especificar en el motor del navegador Mozilla Firefox anterior a la versión 25.0 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y cuelgue de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos.

Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Firefox. Jordi Chancel discovered that HTML select elements could display arbitrary content. An attacker could potentially exploit this to conduct URL spoofing or clickjacking attacks Various other issues were also addressed.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-08-26 CVE Reserved
  • 2013-10-29 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 <= 24.0
Search vendor "Mozilla" for product "Firefox" and version " <= 24.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 19.0
Search vendor "Mozilla" for product "Firefox" and version "19.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 19.0.1
Search vendor "Mozilla" for product "Firefox" and version "19.0.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 19.0.2
Search vendor "Mozilla" for product "Firefox" and version "19.0.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 20.0
Search vendor "Mozilla" for product "Firefox" and version "20.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 20.0.1
Search vendor "Mozilla" for product "Firefox" and version "20.0.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 21.0
Search vendor "Mozilla" for product "Firefox" and version "21.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 22.0
Search vendor "Mozilla" for product "Firefox" and version "22.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 23.0
Search vendor "Mozilla" for product "Firefox" and version "23.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 23.0.1
Search vendor "Mozilla" for product "Firefox" and version "23.0.1"
-
Affected