CVE-2013-5615

Published: Dec 11, 2013Modified: Apr 29, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.

Affected (18)

Products: Mozilla: Firefox, Seamonkey, Thunderbird · Canonical: Ubuntu Linux · Opensuse: Opensuse · +2 more

Show all products

Mozilla: Firefox, Seamonkey, Thunderbird · Canonical: Ubuntu Linux · Opensuse: Opensuse · Suse: Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit · Fedoraproject: Fedora

3 products

1 product

1 product

3 products

Suse Linux Enterprise Desktop

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Fedoraproject

1 product

Fedora

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Before 26.0
Mozilla Firefox	From 24.0 to 24.2
Mozilla Seamonkey	Before 2.23
Mozilla Thunderbird	Before 24.2

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 12.10
Canonical Ubuntu Linux	Version 13.04
Canonical Ubuntu Linux	Version 13.10

Configuration C

7 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 12.2
Opensuse Opensuse	Version 12.3
Opensuse Opensuse	Version 13.1
Suse Suse Linux Enterprise Desktop	Version 11 sp3
Suse Suse Linux Enterprise Server	Version 11 sp3
Suse Suse Linux Enterprise Server	Version 11 sp3
Suse Suse Linux Enterprise Software Development Kit	Version 11.0 sp3

Configuration D

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 18
Fedoraproject Fedora	Version 19
Fedoraproject Fedora	Version 20

References (40)

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html

Source: security@mozilla.org

Mailing ListThird Party Advisory

http://www.mozilla.org/security/announce/2013/mfsa2013-115.html

Source: security@mozilla.org

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: security@mozilla.org

Third Party Advisory

http://www.securitytracker.com/id/1029470

Source: security@mozilla.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1029476

Source: security@mozilla.org

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2052-1

Source: security@mozilla.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-2053-1

Source: security@mozilla.org

Third Party Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=929261

Source: security@mozilla.org

ExploitIssue TrackingVendor Advisory

https://security.gentoo.org/glsa/201504-01

Source: security@mozilla.org

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.mozilla.org/security/announce/2013/mfsa2013-115.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securitytracker.com/id/1029470

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1029476

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2052-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-2053-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=929261

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingVendor Advisory

https://security.gentoo.org/glsa/201504-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.