CVE-2013-1675

CVSS v3.1 6.5 (Medium)
CVSS v2.0 4.3 (Medium)
EPSS 6.15 % (94th)
Affected Products 19
Advisories 11
NVD Status Analyzed

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

Weaknesses
CWE-665
Improper Initialization
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
Mozilla Corporation
Published Date
2013-05-16 11:45:30
(11 years ago)
Updated Date
2024-07-16 17:35:45
(2 months ago)
Mozilla Firefox Information Disclosure Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
Description
Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
Required Action
Apply updates per vendor instructions.
Known to be Used in Ransomware Campaigns
Unknown
Notes
https://nvd.nist.gov/vuln/detail/CVE-2013-1675
Vendor
Mozilla
Product
Firefox
In CISA Catalog from
2022-03-03
(2 years ago)
Due Date
2022-03-24
(2 years ago)

Affected Products

Configuration #1

    CPE23 From Up To
  Mozilla Firefox prior 21.0 version cpe:2.3:a:mozilla:firefox < 21.0
  Mozilla Firefox Esr from 17.0 version and prior 17.0.6 version cpe:2.3:a:mozilla:firefox_esr >= 17.0 < 17.0.6
  Mozilla Thunderbird prior 17.0.6 version cpe:2.3:a:mozilla:thunderbird < 17.0.6
  Mozilla Thunderbird Esr from 17.0 version and prior 17.0.6 version cpe:2.3:a:mozilla:thunderbird_esr >= 17.0 < 17.0.6

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-
  Canonical Ubuntu Linux 12.10 cpe:2.3:o:canonical:ubuntu_linux:12.10
  Canonical Ubuntu Linux 13.04 cpe:2.3:o:canonical:ubuntu_linux:13.04

Configuration #3

    CPE23 From Up To
  Debian Linux 7.0 cpe:2.3:o:debian:debian_linux:7.0

Configuration #4

    CPE23 From Up To
  Redhat Gluster Storage Server for On-premise 2.1 cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1
  Redhat Enterprise Linux Desktop 5.0 cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
  Redhat Enterprise Linux Desktop 6.0 cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  Redhat Enterprise Linux Eus 5.9 cpe:2.3:o:redhat:enterprise_linux_eus:5.9
  Redhat Enterprise Linux Eus 6.4 cpe:2.3:o:redhat:enterprise_linux_eus:6.4
  Redhat Enterprise Linux for Ibm Z Systems 5.0 S390x cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0_s390x
  Redhat Enterprise Linux for Ibm Z Systems 6.0 S390x cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x
  Redhat Enterprise Linux for Ibm Z Systems Eus 5.9 S390x cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:5.9_s390x
  Redhat Enterprise Linux for Ibm Z Systems Eus 6.4 S390x cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:6.4_s390x
  Redhat Enterprise Linux for Power Big Endian 5.0 Ppc cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc
  Redhat Enterprise Linux for Power Big Endian 6.0 Ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64
  Redhat Enterprise Linux for Power Big Endian Eus 5.9 Ppc cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:5.9_ppc
  Redhat Enterprise Linux for Power Big Endian Eus 6.4 Ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.4_ppc64
  Redhat Enterprise Linux for Scientific Computing 6.0 cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0
  Redhat Enterprise Linux Server 5.0 cpe:2.3:o:redhat:enterprise_linux_server:5.0
  Redhat Enterprise Linux Server 6.0 cpe:2.3:o:redhat:enterprise_linux_server:6.0
  Redhat Enterprise Linux Server Aus 5.9 cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9
  Redhat Enterprise Linux Server Aus 6.4 cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4
  Redhat Enterprise Linux Server Eus From Rhui 5.9 cpe:2.3:o:redhat:enterprise_linux_server_eus_from_rhui:5.9
  Redhat Enterprise Linux Server Eus From Rhui 6.4 cpe:2.3:o:redhat:enterprise_linux_server_eus_from_rhui:6.4
  Redhat Enterprise Linux Workstation 5.0 cpe:2.3:o:redhat:enterprise_linux_workstation:5.0
  Redhat Enterprise Linux Workstation 6.0 cpe:2.3:o:redhat:enterprise_linux_workstation:6.0

Configuration #5

    CPE23 From Up To
  Opensuse 12.2 cpe:2.3:o:opensuse:opensuse:12.2
  Opensuse 12.3 cpe:2.3:o:opensuse:opensuse:12.3