[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-1738Date: (C)2013-10-09   (M)2024-03-27


Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-62466
FEDORA-2013-16992
FEDORA-2013-17047
FEDORA-2013-17074
IAVM:2013-A-0182
USN-1951-1
USN-1952-1
http://www.mozilla.org/security/announce/2013/mfsa2013-92.html
https://bugzilla.mozilla.org/show_bug.cgi?id=882897
https://bugzilla.mozilla.org/show_bug.cgi?id=887334
openSUSE-SU-2013:1491
openSUSE-SU-2013:1493
openSUSE-SU-2013:1495
openSUSE-SU-2013:1499
oval:org.mitre.oval:def:18766

CPE    119
cpe:/a:mozilla:seamonkey:2.11:beta3
cpe:/a:mozilla:seamonkey:2.11:beta2
cpe:/a:mozilla:seamonkey:2.11:beta5
cpe:/a:mozilla:seamonkey:2.11:beta4
...
CWE    1
CWE-399
OVAL    6
oval:org.secpod.oval:def:16387
oval:org.secpod.oval:def:16406
oval:org.secpod.oval:def:701410
oval:org.secpod.oval:def:701417
...

© SecPod Technologies