CVE-2013-6671 : The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird befo

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

Published 2013-12-11 15:55:13

Updated 2020-08-12 14:39:31

Source Mozilla Corporation

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2013-6671

Probability of exploitation activity in the next 30 days: 2.42%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-6671

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2013-6671

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-6671

http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html

[security-announce] SUSE-SU-2013:1919-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html

openSUSE-SU-2013:1958-1: moderate: update for MozillaThunderbird
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html

openSUSE-SU-2013:1918-1: moderate: update for MozillaFirefox
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html

openSUSE-SU-2013:1959-1: moderate: update for MozillaThunderbird
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2053-1

USN-2053-1: Thunderbird vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html

[SECURITY] Fedora 19 Update: firefox-26.0-2.fc19
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Oracle Solaris Bulletin - April 2016
Third Party Advisory

CVEs referencing this url
https://security.gentoo.org/glsa/201504-01

Mozilla Products: Multiple vulnerabilities (GLSA 201504-01) — Gentoo security
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/64212

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-6671 Remote Code Execution Vulnerability
Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html

openSUSE-SU-2014:0008-1: moderate: update for seamonkey
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html

openSUSE-SU-2013:1917-1: moderate: update for MozillaFirefox
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.mozilla.org/security/announce/2013/mfsa2013-111.html

Segmentation violation when replacing ordered list elements — Mozilla
Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html

[SECURITY] Fedora 20 Update: firefox-26.0-3.fc20
Mailing List;Third Party Advisory

CVEs referencing this url
https://bugzilla.mozilla.org/show_bug.cgi?id=930281

930281 - (CVE-2013-6671) SEGV in libxul.so!nsGfxScrollFrameInner::IsLTR()
Exploit;Issue Tracking;Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html

openSUSE-SU-2013:1957-1: moderate: update for MozillaThunderbird
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2052-1

USN-2052-1: Firefox vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-1812.html

RHSA-2013:1812 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1029476

Mozilla Seamonkey Multiple Flaws Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html

openSUSE-SU-2013:1916-1: moderate: update for MozillaFirefox
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html

[SECURITY] Fedora 18 Update: thunderbird-24.2.0-2.fc18
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html

[SECURITY] Fedora 19 Update: thunderbird-24.2.0-2.fc19
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1029470

Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url

Products affected by CVE-2013-6671

Redhat » Enterprise Linux Desktop » Version: 5.0
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Desktop » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 6.5
cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 5.0
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 5.0
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 6.5
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Eus » Version: 6.5
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 6.5
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
Matching versions
Suse » Suse Linux Enterprise Desktop » Version: 11 Update SP3
cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
Matching versions
Suse » Suse Linux Enterprise Software Development Kit » Version: 11.0 Update SP3
cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*
Matching versions
Suse » Suse Linux Enterprise Server » Version: 11 Update SP3 For Vmware
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
Matching versions
Suse » Suse Linux Enterprise Server » Version: 11 Update SP3
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:-:*:*:*
Matching versions
Mozilla » Firefox
Versions before (<) 26.0
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Thunderbird
Versions before (<) 24.2
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Seamonkey
Versions before (<) 2.23
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox Esr
Versions from including (>=) 24.0 and before (<) 24.2
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 13.04
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.10
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 13.10
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 18
cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 19
cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 20
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 12.2
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 12.3
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2013-6671

Exploit prediction scoring system (EPSS) score for CVE-2013-6671

CVSS scores for CVE-2013-6671

CWE ids for CVE-2013-6671

References for CVE-2013-6671

Products affected by CVE-2013-6671