[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108530

 
 

909

 
 

85343

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: SVG filters can lead to information disclosure - mfsa2013-55

ID: oval:org.secpod.oval:def:16318Date: (C)2013-12-30   (M)2018-01-30
Class: PATCHFamily: macos




Security researcher Paul Stone of Context Information Security discovered that timing differences in the processing of SVG format images with filters could allow for pixel values to be read. This could potentially allow for text values to be read across domains, leading to information disclosure.

Platform:
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X Server 10.12
Product:
Mozilla Firefox
Mozilla Thunderbird ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Mozilla Firefox ESR
Reference:
MFSA 2013-55
CVE-2013-1693
CVE    1
CVE-2013-1693
CPE    32
cpe:/a:mozilla:thunderbird_esr
cpe:/a:mozilla:thunderbird_esr:17.0.5
cpe:/a:mozilla:thunderbird_esr:17.0.6
cpe:/a:mozilla:firefox_esr:17.0.6
...

© SecPod Technologies