CyberSec.Space Logo
CVEブラウザに戻る

CVE-2013-0801

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile13.71th
Published2013年5月16日
Last Modified2026年4月29日

Vulnerability Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Affected Platforms (CPE)

📦
Mozilla

Firefox

<= 20.0.1
📦
Mozilla

Firefox

= 19.0
📦
Mozilla

Firefox

= 19.0.1
📦
Mozilla

Firefox

= 19.0.2
📦
Mozilla

Firefox

= 20.0
📦
Mozilla

Firefox

= 17.0
📦
Mozilla

Firefox

= 17.0.1
📦
Mozilla

Firefox

= 17.0.2
📦
Mozilla

Firefox

= 17.0.3
📦
Mozilla

Firefox

= 17.0.4
📦
Mozilla

Firefox

= 17.0.5
📦
Mozilla

Thunderbird

<= 17.0.5
📦
Mozilla

Thunderbird

= 17.0
📦
Mozilla

Thunderbird

= 17.0.1
📦
Mozilla

Thunderbird

= 17.0.2
📦
Mozilla

Thunderbird

= 17.0.3
📦
Mozilla

Thunderbird

= 17.0.4
📦
Mozilla

Thunderbird Esr

= 17.0
📦
Mozilla

Thunderbird Esr

= 17.0.1
📦
Mozilla

Thunderbird Esr

= 17.0.2
📦
Mozilla

Thunderbird Esr

= 17.0.3
📦
Mozilla

Thunderbird Esr

= 17.0.4
📦
Mozilla

Thunderbird Esr

= 17.0.5

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html
🔗 http://rhn.redhat.com/errata/RHSA-2013-0820.html
🔗 http://rhn.redhat.com/errata/RHSA-2013-0821.html
🔗 http://www.debian.org/security/2013/dsa-2699

関連する脆弱性情報

CVE-2019-1170810.0

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the no...

CVE-2019-2513610.0

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and ...

CVE-2018-1850510.0

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication betwee...

CVE-2020-1238810.0

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this iss...