CVE-2013-1675
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
Affected (32)
Products: Mozilla: Firefox, Thunderbird, Thunderbird Esr · Canonical: Ubuntu Linux · Debian: Debian Linux · +2 more
Show all products
Mozilla: Firefox, Thunderbird, Thunderbird Esr · Canonical: Ubuntu Linux · Debian: Debian Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Ibm Z Systems Eus, Enterprise Linux For Power Big Endian, Enterprise Linux For Power Big Endian Eus, Enterprise Linux For Scientific Computing, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus From Rhui, Enterprise Linux Workstation, Gluster Storage Server For On Premise · Opensuse: Opensuse
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 21.0 | |
| Before 17.0.6 | |
| From 17.0 to 17.0.6 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.04 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.0 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 5.0 | |
| Version 5.9 | |
| Version 5.0_s390x | |
| Version 5.9_s390x | |
| Version 5.0_ppc | |
| Version 5.9_ppc | |
| Version 6.0 | |
| Version 5.0 | |
| Version 5.9 | |
| Version 5.9 | |
| Version 5.0 | |
| Version 2.1 |
References (31)
Source: security@mozilla.org
Mailing ListThird Party Advisory
Source: security@mozilla.org
Mailing ListThird Party Advisory
Source: security@mozilla.org
Mailing ListThird Party Advisory
Source: security@mozilla.org
Mailing ListThird Party Advisory
Source: security@mozilla.org
Mailing ListThird Party Advisory
Source: security@mozilla.org
Broken Link
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Broken LinkThird Party AdvisoryVDB Entry
Source: security@mozilla.org
ExploitIssue Tracking
Source: security@mozilla.org
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource
Timeline
No history available yet.