CyberSec.Space Logo
Back to CVE Browser

CVE-2013-1675

Known Exploited (CISA KEV)MEDIUM
6.5
CVSS Severity Score
EPSS Score63.2540%
EPSS Percentile85.97th
PublishedMay 16, 2013
Last ModifiedApr 22, 2026

Vulnerability Description

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

Affected Platforms (CPE)

πŸ“¦
Mozilla

Firefox

< 21.0
πŸ“¦
Mozilla

Firefox

>= 17.0 and < 17.0.6
πŸ“¦
Mozilla

Thunderbird

< 17.0.6
πŸ“¦
Mozilla

Thunderbird Esr

>= 17.0 and < 17.0.6
πŸ’»
Canonical

Ubuntu Linux

= 12.04
πŸ’»
Canonical

Ubuntu Linux

= 12.10
πŸ’»
Canonical

Ubuntu Linux

= 13.04
πŸ’»
Debian

Debian Linux

= 7.0
πŸ“¦
Redhat

Gluster Storage Server For On Premise

= 2.1
πŸ’»
Redhat

Enterprise Linux Desktop

= 5.0
πŸ’»
Redhat

Enterprise Linux Desktop

= 6.0
πŸ’»
Redhat

Enterprise Linux Eus

= 5.9
πŸ’»
Redhat

Enterprise Linux Eus

= 6.4
πŸ’»
Redhat

Enterprise Linux For Ibm Z Systems

= 5.0_s390x
πŸ’»
Redhat

Enterprise Linux For Ibm Z Systems

= 6.0_s390x
πŸ’»
Redhat

Enterprise Linux For Ibm Z Systems Eus

= 5.9_s390x
πŸ’»
Redhat

Enterprise Linux For Ibm Z Systems Eus

= 6.4_s390x
πŸ’»
Redhat

Enterprise Linux For Power Big Endian

= 5.0_ppc
πŸ’»
Redhat

Enterprise Linux For Power Big Endian

= 6.0_ppc64
πŸ’»
Redhat

Enterprise Linux For Power Big Endian Eus

= 5.9_ppc
πŸ’»
Redhat

Enterprise Linux For Power Big Endian Eus

= 6.4_ppc64
πŸ’»
Redhat

Enterprise Linux For Scientific Computing

= 6.0
πŸ’»
Redhat

Enterprise Linux Server

= 5.0
πŸ’»
Redhat

Enterprise Linux Server

= 6.0
πŸ’»
Redhat

Enterprise Linux Server Aus

= 5.9
πŸ’»
Redhat

Enterprise Linux Server Aus

= 6.4
πŸ’»
Redhat

Enterprise Linux Server Eus From Rhui

= 5.9
πŸ’»
Redhat

Enterprise Linux Server Eus From Rhui

= 6.4
πŸ’»
Redhat

Enterprise Linux Workstation

= 5.0
πŸ’»
Redhat

Enterprise Linux Workstation

= 6.0
πŸ’»
Opensuse

Opensuse

= 12.2
πŸ’»
Opensuse

Opensuse

= 12.3

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2013-0820.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2013-0821.html
πŸ”— http://www.debian.org/security/2013/dsa-2699

Related Vulnerabilities

CVE-2019-1170810.0

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the no...

CVE-2019-2513610.0

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and ...

CVE-2018-1850510.0

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication betwee...

CVE-2020-1238810.0

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this iss...