Vulnerability Details : CVE-2013-1669
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerability category: Memory Corruption, Execute code, Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2013-1669
Probability of exploitation activity in the next 30 days: 7.61%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 %
CVSS scores for CVE-2013-1669
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST |
References for CVE-2013-1669
- http://www.ubuntu.com/usn/USN-1823-1
  USN-1823-1: Thunderbird vulnerabilities | Ubuntu security notices
- https://bugzilla.mozilla.org/show_bug.cgi?id=821850
  821850 - (XBL-scopes) Investigate running XBL in a separate compartment
- https://bugzilla.mozilla.org/show_bug.cgi?id=837324
  837324 - WebRTC crash [@fsmdef_ev_addcandidate]
- https://bugzilla.mozilla.org/show_bug.cgi?id=821479
  821479 - Out-of-bounds read crash in PropertyProvider::GetSpacingInternal
- http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html
  [security-announce] openSUSE-SU-2013:0946-1: important: MozillaFirefox:
- https://bugzilla.mozilla.org/show_bug.cgi?id=822910
  822910 - Crash [@ nsTextFrame::HasTerminalNewline()] with splitText, floating :first-letter
- https://bugzilla.mozilla.org/show_bug.cgi?id=803228
  803228 - Assertion failure: cx->compartment->principals == options.principals
- http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html
  [security-announce] openSUSE-SU-2013:0929-1: important: xulrunner to 17.
- https://bugzilla.mozilla.org/show_bug.cgi?id=826104
  826104 - Crash in MediaDecoder::UpdatePlaybackOffset
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16493
  Repository / Oval Repository
- https://bugzilla.mozilla.org/show_bug.cgi?id=826588
  826588 - Differential Testing: Getting different output on 64-bit Windows js shells involving lastIndex
- https://bugzilla.mozilla.org/show_bug.cgi?id=837007
  837007 - "ASSERTION: Out of flow frame doesn't have the expected parent" and crash with -moz-column, float
- https://bugzilla.mozilla.org/show_bug.cgi?id=834526
  834526 - IPC Channel uses debug-only check for number of FDs in a single message, could overwrite stack (Vendor Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html
  [security-announce] openSUSE-SU-2013:0825-1: important: MozillaFirefox:
- https://bugzilla.mozilla.org/show_bug.cgi?id=865948
  865948 - (CVE-2013-1703) nsScriptSecurityManager::CheckLoadURIWithPrincipal is broken for nsExpandedPrincipal
- https://bugzilla.mozilla.org/show_bug.cgi?id=843434
  843434 - Assertion failure in nsUnicharStreamLoader::WriteSegmentFun with ISO-2022-JP
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html
  [security-announce] openSUSE-SU-2013:0831-1: important: xulrunner to 17.
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html
  [security-announce] openSUSE-SU-2013:0834-1: important: MozillaThunderbi
- http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
  Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6) — Mozilla (Vendor Advisory)
- https://bugzilla.mozilla.org/show_bug.cgi?id=826392
  826392 - compartment checker fail in mozilla::plugins::parent::_evaluate
- http://www.ubuntu.com/usn/USN-1822-1
  USN-1822-1: Firefox vulnerabilities | Ubuntu security notices
- http://www.securityfocus.com/bid/59870
  Mozilla Firefox and Thunderbird CVE-2013-1669 Memory Corruption Vulnerability
- https://bugzilla.mozilla.org/show_bug.cgi?id=819775
  819775 - js_InitRandom: Don't use pointer values in seeding the random number generator
- https://bugzilla.mozilla.org/show_bug.cgi?id=791432
  791432 - WebGL canvases of width <= 16 contain uninitialized memory upon creation on HTC One S
- https://bugzilla.mozilla.org/show_bug.cgi?id=854001
  854001 - crash in mozilla::dom::InstanceClassHasProtoAtDepth
- https://bugzilla.mozilla.org/show_bug.cgi?id=814552
  814552 - IonMonkey: Assertion failure: masm.framePushed() == frameSize(), at ion/CodeGenerator.cpp:342 or Crash [@ MarkInternal<js::ion::IonCode>]
- https://bugzilla.mozilla.org/show_bug.cgi?id=855236
  855236 - Crash with SIGTRAP
Products affected by CVE-2013-1669
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*