[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108741

 
 

909

 
 

85475

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

Arbitrary code execution vulnerability in the Chrome Object Wrapper (COW) implementation in Mozilla Firefox, ESR, Thunderbird, ESR, Seamonkey - MFSA 2013-14

ID: oval:org.secpod.oval:def:9652Date: (C)2013-03-11   (M)2018-01-30
Class: PATCHFamily: macos




The host is missing a security update according to Mozilla advisory, MFSA 2013-14. The update is required to fix arbitrary code execution vulnerability. A flaw is present in the applications, which fail to prevent modifications to the prototype of an object. Successful exploitation allows remote attackers to execute arbitrary JavaScript code with chrome privileges.

Platform:
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X Server 10.12
Product:
Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Mozilla Thunderbird ESR
Mozilla SeaMonkey
Reference:
MFSA 2013-14
CVE-2013-0757
CVE    1
CVE-2013-0757
CPE    461
cpe:/a:mozilla:thunderbird_esr
cpe:/a:mozilla:seamonkey
cpe:/a:mozilla:seamonkey:2.8:beta6
cpe:/a:mozilla:seamonkey:2.8:beta1
...

© SecPod Technologies