CVE-2013-1690
CVSS v3.1
8.8 (High)
CVSS v2.0
9.3 (High)
EPSS
22.22 % (97th)
Affected Products
16
Advisories
11
NVD Status
Analyzed
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
Weaknesses
- CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Mozilla Corporation
- Published Date
-
2013-06-26 03:19:10
(11 years ago) - Updated Date
-
2024-07-09 18:25:57
(2 months ago)
Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.
- Required Action
- Apply updates per vendor instructions.
- Known to be Used in Ransomware Campaigns
- Unknown
- Notes
- https://nvd.nist.gov/vuln/detail/CVE-2013-1690
- Vendor
- Mozilla
- Product
- Firefox and Thunderbird
- In CISA Catalog from
-
2022-03-28
(2 years ago) - Due Date
-
2022-04-18
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Configuration #5
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...