9.3

CVE-2013-0779

Exploit

The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

Data is provided by the National Vulnerability Database (NVD)
MozillaFirefox Version < 17.0.3
MozillaFirefox Version < 19.0
MozillaSeamonkey Version < 2.16
MozillaThunderbird Version < 17.0.3
MozillaThunderbird Esr Version < 17.0.3
OpensuseOpensuse Version11.4
OpensuseOpensuse Version12.1
OpensuseOpensuse Version12.2
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version11.10
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version12.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.36% 0.834
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://bugzilla.mozilla.org/show_bug.cgi?id=801330
Patch
Vendor Advisory
Exploit
Issue Tracking