9.8

CVE-2013-5615

Exploit

EPSS 2.01%
Published 11.12.2013 15:55:12
Last modified 11.04.2025 00:51:21
Source security@mozilla.org
Teams watchlist Login
Open Login

The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.

Affected products Warnungen 0 Metrics 3 CWE 0 References 23

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version < 26.0

Mozilla ≫ Firefox ESR Version >= 24.0 < 24.2

Mozilla ≫ Seamonkey Version < 2.23

Mozilla ≫ Thunderbird Version < 24.2

Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version12.10

Canonical ≫ Ubuntu Linux Version13.04

Canonical ≫ Ubuntu Linux Version13.10

Suse ≫ Suse Linux Enterprise Software Development Kit Version11.0 Updatesp3

Opensuse ≫ Opensuse Version12.2

Opensuse ≫ Opensuse Version12.3

Opensuse ≫ Opensuse Version13.1

Suse ≫ Suse Linux Enterprise Desktop Version11 Updatesp3

Suse ≫ Suse Linux Enterprise Server Version11 Updatesp3 SwPlatform-

Suse ≫ Suse Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware

Fedoraproject ≫ Fedora Version18

Fedoraproject ≫ Fedora Version19

Fedoraproject ≫ Fedora Version20

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.01%	0.83

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Third Party Advisory

https://security.gentoo.org/glsa/201504-01

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html

Third Party Advisory

Mailing List

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html

Third Party Advisory

Mailing List

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html

Third Party Advisory

Mailing List

http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html

Third Party Advisory

Mailing List

http://www.securitytracker.com/id/1029470

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1029476

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/USN-2052-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2053-1

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html

Third Party Advisory

Mailing List

http://www.mozilla.org/security/announce/2013/mfsa2013-115.html

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=929261

Vendor Advisory

Exploit

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2013-5615

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-5615

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-5615

EUVD