CVE-2013-0757 : The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbi

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.

Published 2013-01-13 20:55:02

Updated 2020-08-11 13:08:36

Source Mozilla Corporation

View at NVD, CVE.org

Vulnerability category: Input validation

Exploit prediction scoring system (EPSS) score for CVE-2013-0757

Probability of exploitation activity in the next 30 days: 9.48%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2013-0757

Firefox 17.0.1 Flash Privileged Code Injection

Disclosure Date: 2013-01-08

First seen: 2020-04-26

exploit/multi/browser/firefox_svg_plugin

This exploit gains remote code execution on Firefox 17 and 17.0.1, provided the user has installed Flash. No memory corruption is used. First, a Flash object is cloned into the anonymous content of the SVG "use" element in the <body> (CVE-2013-0758). From there, the

More information

CVSS scores for CVE-2013-0757

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2013-0757

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-0757

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html

[security-announce] openSUSE-SU-2013:0131-1: important: Mozilla Januarys
Third Party Advisory

CVEs referencing this url
https://bugzilla.mozilla.org/show_bug.cgi?id=813901

813901 - (CVE-2013-0757) Chrome Object Wrapper can be bypassed using Object.prototype.__proto__
Exploit;Issue Tracking;Patch;Vendor Advisory
http://www.mozilla.org/security/announce/2013/mfsa2013-14.html

Chrome Object Wrapper (COW) bypass through changing prototype — Mozilla
Vendor Advisory
http://www.ubuntu.com/usn/USN-1681-1

USN-1681-1: Firefox vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16939

Repository / Oval Repository
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html

[security-announce] SUSE-SU-2013:0049-1: important: Security update for
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-1681-2

USN-1681-2: Thunderbird vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html

[security-announce] openSUSE-SU-2013:0149-1: important: Mozilla Januarys
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html

[security-announce] SUSE-SU-2013:0048-1: important: Security update for
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-1681-4

USN-1681-4: Firefox regression | Ubuntu security notices
Third Party Advisory

CVEs referencing this url

Products affected by CVE-2013-0757

Suse » Linux Enterprise Desktop » Version: 10 Update SP4
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Desktop » Version: 11 Update SP2
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 10 Update SP4
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 11 Update SP2
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 11 Update SP2 For Vmware
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
Matching versions
Suse » Linux Enterprise Software Development Kit » Version: 10 Update SP4
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Software Development Kit » Version: 11 Update SP2
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
Matching versions
Mozilla » Firefox
Versions before (<) 18.0
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Thunderbird
Versions before (<) 17.0.2
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Seamonkey
Versions before (<) 2.15
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox Esr
Versions before (<) 17.0.2
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Thunderbird Esr
Versions before (<) 17.0.2
cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.10
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.04
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 11.10
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Matching versions
Opensuse » Opensuse » Version: 11.4
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 12.2
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 12.1
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
Matching versions