CVE-2013-0750 : Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17

Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.

Published 2013-01-13 20:55:02

Updated 2020-08-04 18:59:55

Source Mozilla Corporation

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2013-0750

Probability of exploitation activity in the next 30 days: 6.85%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-0750

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2013-0750

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-0750

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html

[security-announce] openSUSE-SU-2013:0131-1: important: Mozilla Januarys
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-1681-1

USN-1681-1: Firefox vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html

[security-announce] SUSE-SU-2013:0049-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.mozilla.org/security/announce/2013/mfsa2013-12.html

Buffer overflow in Javascript string concatenation — Mozilla
Vendor Advisory
http://www.ubuntu.com/usn/USN-1681-2

USN-1681-2: Thunderbird vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16957

Repository / Oval Repository
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html

[security-announce] openSUSE-SU-2013:0149-1: important: Mozilla Januarys
Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-0144.html

RHSA-2013:0144 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html

[security-announce] SUSE-SU-2013:0048-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-0145.html

RHSA-2013:0145 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-1681-4

USN-1681-4: Firefox regression | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://bugzilla.mozilla.org/show_bug.cgi?id=805121

805121 - (CVE-2013-0750) String Replacement Heap Corruption Remote Code Execution Vulnerability (ZDI-CAN-1473)
Issue Tracking;Patch;Vendor Advisory

Products affected by CVE-2013-0750

Redhat » Enterprise Linux Desktop » Version: 5.0
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Desktop » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 5.9
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 6.3
cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 5.0
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 5.0
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 5.9
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Desktop » Version: 10 Update SP4
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Desktop » Version: 11 Update SP2
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 10 Update SP4
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 11 Update SP2
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 11 Update SP2 For Vmware
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
Matching versions
Suse » Linux Enterprise Software Development Kit » Version: 10 Update SP4
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Software Development Kit » Version: 11 Update SP2
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
Matching versions
Mozilla » Firefox
Versions before (<) 18.0
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Thunderbird
Versions before (<) 17.0.2
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Seamonkey
Versions before (<) 2.15
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox Esr
Versions from including (>=) 10.0 and before (<) 10.0.12
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox Esr
Versions from including (>=) 17.0 and before (<) 17.0.2
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Thunderbird Esr
Versions from including (>=) 17.0 and before (<) 17.0.2
cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Thunderbird Esr
Versions from including (>=) 10.0 and before (<) 10.0.12
cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.10
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.04
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 11.10
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Matching versions
Opensuse » Opensuse » Version: 11.4
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 12.2
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 12.1
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2013-0750

Exploit prediction scoring system (EPSS) score for CVE-2013-0750

CVSS scores for CVE-2013-0750

CWE ids for CVE-2013-0750

References for CVE-2013-0750

Products affected by CVE-2013-0750