CVE-2013-5600

Published: Oct 30, 2013Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.

Affected (148)

Products: Mozilla: Firefox, Thunderbird, Seamonkey, Thunderbird Esr

4 products

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Up to 24.0
Mozilla Firefox	Version 19.0.1
Mozilla Firefox	Version 19.0.2
Mozilla Firefox	Version 19.0
Mozilla Firefox	Version 20.0.1
Mozilla Firefox	Version 20.0
Mozilla Firefox	Version 21.0
Mozilla Firefox	Version 22.0
Mozilla Firefox	Version 23.0.1
Mozilla Firefox	Version 23.0

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Mozilla Thunderbird	Up to 24.0.1
Mozilla Thunderbird	Version 17.0.1
Mozilla Thunderbird	Version 17.0.2
Mozilla Thunderbird	Version 17.0.3
Mozilla Thunderbird	Version 17.0.4
Mozilla Thunderbird	Version 17.0.5
Mozilla Thunderbird	Version 17.0.6
Mozilla Thunderbird	Version 17.0.7
Mozilla Thunderbird	Version 17.0.8
Mozilla Thunderbird	Version 17.0
Mozilla Thunderbird	Version 24.0

Configuration C

104 vulnerable

Vulnerable Software	Affected Versions
Mozilla Seamonkey	Up to 2.22
Mozilla Seamonkey	Version 2.0.10
Mozilla Seamonkey	Version 2.0.11
Mozilla Seamonkey	Version 2.0.12
Mozilla Seamonkey	Version 2.0.13
Mozilla Seamonkey	Version 2.0.14
Mozilla Seamonkey	Version 2.0.1
Mozilla Seamonkey	Version 2.0.2
Mozilla Seamonkey	Version 2.0.3
Mozilla Seamonkey	Version 2.0.4
Mozilla Seamonkey	Version 2.0.5
Mozilla Seamonkey	Version 2.0.6
Mozilla Seamonkey	Version 2.0.7
Mozilla Seamonkey	Version 2.0.8
Mozilla Seamonkey	Version 2.0.9
Mozilla Seamonkey	Version 2.0
Mozilla Seamonkey	Version 2.0 alpha_1
Mozilla Seamonkey	Version 2.0 alpha_2
Mozilla Seamonkey	Version 2.0 alpha_3
Mozilla Seamonkey	Version 2.0 beta_1
Mozilla Seamonkey	Version 2.0 beta_2
Mozilla Seamonkey	Version 2.0 rc1
Mozilla Seamonkey	Version 2.0 rc2
Mozilla Seamonkey	Version 2.10.1
Mozilla Seamonkey	Version 2.10
Mozilla Seamonkey	Version 2.10 beta1
Mozilla Seamonkey	Version 2.10 beta2
Mozilla Seamonkey	Version 2.10 beta3
Mozilla Seamonkey	Version 2.11
Mozilla Seamonkey	Version 2.11 beta1
Mozilla Seamonkey	Version 2.11 beta2
Mozilla Seamonkey	Version 2.11 beta3
Mozilla Seamonkey	Version 2.11 beta4
Mozilla Seamonkey	Version 2.11 beta5
Mozilla Seamonkey	Version 2.11 beta6
Mozilla Seamonkey	Version 2.12.1
Mozilla Seamonkey	Version 2.12
Mozilla Seamonkey	Version 2.12 beta1
Mozilla Seamonkey	Version 2.12 beta2
Mozilla Seamonkey	Version 2.12 beta3
Mozilla Seamonkey	Version 2.12 beta4
Mozilla Seamonkey	Version 2.12 beta5
Mozilla Seamonkey	Version 2.12 beta6
Mozilla Seamonkey	Version 2.13.1
Mozilla Seamonkey	Version 2.13.2
Mozilla Seamonkey	Version 2.13
Mozilla Seamonkey	Version 2.13 beta1
Mozilla Seamonkey	Version 2.13 beta2
Mozilla Seamonkey	Version 2.13 beta3
Mozilla Seamonkey	Version 2.13 beta4
Mozilla Seamonkey	Version 2.13 beta5
Mozilla Seamonkey	Version 2.13 beta6
Mozilla Seamonkey	Version 2.14
Mozilla Seamonkey	Version 2.14 beta1
Mozilla Seamonkey	Version 2.14 beta2
Mozilla Seamonkey	Version 2.14 beta3
Mozilla Seamonkey	Version 2.14 beta4
Mozilla Seamonkey	Version 2.14 beta5
Mozilla Seamonkey	Version 2.15.1
Mozilla Seamonkey	Version 2.15.2
Mozilla Seamonkey	Version 2.15
Mozilla Seamonkey	Version 2.15 beta1
Mozilla Seamonkey	Version 2.15 beta2
Mozilla Seamonkey	Version 2.15 beta3
Mozilla Seamonkey	Version 2.15 beta4
Mozilla Seamonkey	Version 2.15 beta5
Mozilla Seamonkey	Version 2.15 beta6
Mozilla Seamonkey	Version 2.16.1
Mozilla Seamonkey	Version 2.16.2
Mozilla Seamonkey	Version 2.16
Mozilla Seamonkey	Version 2.16 beta1
Mozilla Seamonkey	Version 2.16 beta2
Mozilla Seamonkey	Version 2.16 beta3
Mozilla Seamonkey	Version 2.16 beta4
Mozilla Seamonkey	Version 2.16 beta5
Mozilla Seamonkey	Version 2.17.1
Mozilla Seamonkey	Version 2.17
Mozilla Seamonkey	Version 2.17 beta1
Mozilla Seamonkey	Version 2.17 beta2
Mozilla Seamonkey	Version 2.17 beta3
Mozilla Seamonkey	Version 2.17 beta4
Mozilla Seamonkey	Version 2.18 beta1
Mozilla Seamonkey	Version 2.18 beta2
Mozilla Seamonkey	Version 2.18 beta3
Mozilla Seamonkey	Version 2.18 beta4
Mozilla Seamonkey	Version 2.19
Mozilla Seamonkey	Version 2.19 beta1
Mozilla Seamonkey	Version 2.19 beta2
Mozilla Seamonkey	Version 2.1
Mozilla Seamonkey	Version 2.1 alpha1
Mozilla Seamonkey	Version 2.1 alpha2
Mozilla Seamonkey	Version 2.1 alpha3
Mozilla Seamonkey	Version 2.1 beta1
Mozilla Seamonkey	Version 2.1 beta2
Mozilla Seamonkey	Version 2.1 beta3
Mozilla Seamonkey	Version 2.1 rc1
Mozilla Seamonkey	Version 2.1 rc2
Mozilla Seamonkey	Version 2.20
Mozilla Seamonkey	Version 2.20 beta1
Mozilla Seamonkey	Version 2.20 beta2
Mozilla Seamonkey	Version 2.20 beta3
Mozilla Seamonkey	Version 2.21 beta1
Mozilla Seamonkey	Version 2.21 beta2
Mozilla Seamonkey	Version 2.22 beta1

Configuration D

10 vulnerable

Vulnerable Software	Affected Versions
Mozilla Thunderbird Esr	Version 17.0.1
Mozilla Thunderbird Esr	Version 17.0.2
Mozilla Thunderbird Esr	Version 17.0.3
Mozilla Thunderbird Esr	Version 17.0.4
Mozilla Thunderbird Esr	Version 17.0.5
Mozilla Thunderbird Esr	Version 17.0.6
Mozilla Thunderbird Esr	Version 17.0.7
Mozilla Thunderbird Esr	Version 17.0.8
Mozilla Thunderbird Esr	Version 17.0.9
Mozilla Thunderbird Esr	Version 17.0

Configuration E

13 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 17.0.1
Mozilla Firefox	Version 17.0.2
Mozilla Firefox	Version 17.0.3
Mozilla Firefox	Version 17.0.4
Mozilla Firefox	Version 17.0.5
Mozilla Firefox	Version 17.0.6
Mozilla Firefox	Version 17.0.7
Mozilla Firefox	Version 17.0.8
Mozilla Firefox	Version 17.0.9
Mozilla Firefox	Version 17.0
Mozilla Firefox	Version 24.0.1
Mozilla Firefox	Version 24.0.2
Mozilla Firefox	Version 24.0