Vulnerabilities > CVE-2013-0771 - Out-Of-Bounds Write vulnerability in multiple products

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE

Summary

Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.

Vulnerable Configurations

Part Description Count
Application
Mozilla
598
OS
Opensuse
3
OS
Suse
7
OS
Canonical
4

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_1701.NASL
    descriptionThe installed version of Firefox 17.x is potentially affected by the following security issues : - An unspecified memory corruption issue exists. (CVE-2013-0749, CVE-2013-0769) - Multiple, unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. (CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771)
    last seen2020-06-01
    modified2020-06-02
    plugin id63549
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63549
    titleFirefox ESR 17.x < 17.0.1 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2013-17.NASL
    descriptionThe Mozilla January 8th 2013 security release contains updates : Mozilla Firefox was updated to version 18.0. Mozilla SeaMonkey was updated to version 2.15. Mozilla Thunderbird was updated to version 17.0.2. Mozilla XULRunner was updated to version 17.0.2. - MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 Miscellaneous memory safety hazards - MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-20 13-0767 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 Use-after-free and buffer overflow issues found using Address Sanitizer - MFSA 2013-03/CVE-2013-0768 (bmo#815795) Buffer Overflow in Canvas - MFSA 2013-04/CVE-2012-0759 (bmo#802026) URL spoofing in addressbar during page loads - MFSA 2013-05/CVE-2013-0744 (bmo#814713) Use-after-free when displaying table with many columns and column groups - MFSA 2013-06/CVE-2013-0751 (bmo#790454) Touch events are shared across iframes - MFSA 2013-07/CVE-2013-0764 (bmo#804237) Crash due to handling of SSL on threads - MFSA 2013-08/CVE-2013-0745 (bmo#794158) AutoWrapperChanger fails to keep objects alive during garbage collection - MFSA 2013-09/CVE-2013-0746 (bmo#816842) Compartment mismatch with quickstubs returned values - MFSA 2013-10/CVE-2013-0747 (bmo#733305) Event manipulation in plugin handler to bypass same-origin policy - MFSA 2013-11/CVE-2013-0748 (bmo#806031) Address space layout leaked in XBL objects - MFSA 2013-12/CVE-2013-0750 (bmo#805121) Buffer overflow in JavaScript string concatenation - MFSA 2013-13/CVE-2013-0752 (bmo#805024) Memory corruption in XBL with XML bindings containing SVG - MFSA 2013-14/CVE-2013-0757 (bmo#813901) Chrome Object Wrapper (COW) bypass through changing prototype - MFSA 2013-15/CVE-2013-0758 (bmo#813906) Privilege escalation through plugin objects - MFSA 2013-16/CVE-2013-0753 (bmo#814001) Use-after-free in serializeToStream - MFSA 2013-17/CVE-2013-0754 (bmo#814026) Use-after-free in ListenerManager - MFSA 2013-18/CVE-2013-0755 (bmo#814027) Use-after-free in Vibrate - MFSA 2013-19/CVE-2013-0756 (bmo#814029) Use-after-free in JavaScript Proxy objects Mozilla NSPR was updated to 4.9.4, containing some small bugfixes and new features. Mozilla NSS was updated to 3.14.1 containing various new features, security fix and bugfixes : - MFSA 2013-20/CVE-2013-0743 (bmo#825022, bnc#796628) revoke mis-issued intermediate certificates from TURKTRUST Cryptographic changes done : - Support for TLS 1.1 (RFC 4346) - Experimental support for DTLS 1.0 (RFC 4347) and DTLS-SRTP (RFC 5764) - Support for AES-CTR, AES-CTS, and AES-GCM - Support for Keying Material Exporters for TLS (RFC 5705) - Support for certificate signatures using the MD5 hash algorithm is now disabled by default - The NSS license has changed to MPL 2.0. Previous releases were released under a MPL 1.1/GPL 2.0/LGPL 2.1 tri-license. For more information about MPL 2.0, please see http://www.mozilla.org/MPL/2.0/FAQ.html. For an additional explanation on GPL/LGPL compatibility, see security/nss/COPYING in the source code. - Export and DES cipher suites are disabled by default. Non-ECC AES and Triple DES cipher suites are enabled by default Please see http://www.mozilla.org/security/announce/ for more information.
    last seen2020-06-05
    modified2014-06-13
    plugin id74918
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74918
    titleopenSUSE Security Update : firefox / seamonkey / thunderbird (openSUSE-SU-2013:0149-1)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_THUNDERBIRD_17_0_2.NASL
    descriptionThe installed version of Thunderbird is earlier than 17.0.2 and thus, is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. (CVE-2013-0743) - A use-after-free error exists related to displaying HTML tables with many columns and column groups. (CVE-2013-0744) - An error exists related to the
    last seen2020-06-01
    modified2020-06-02
    plugin id63547
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63547
    titleThunderbird < 17.0.2 Multiple Vulnerabilities (Mac OS X)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1681-1.NASL
    descriptionChristoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O
    last seen2020-06-01
    modified2020-06-02
    plugin id63447
    published2013-01-09
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63447
    titleUbuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1681-1)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_180.NASL
    descriptionThe installed version of Firefox is earlier than 18.0 and thus, is potentially affected by the following security issues : - Multiple, unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. (CVE-2012-5829, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771) - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. (CVE-2013-0743) - A use-after-free error exists related to displaying HTML tables with many columns and column groups. (CVE-2013-0744) - An error exists related to the
    last seen2020-06-01
    modified2020-06-02
    plugin id63551
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63551
    titleFirefox < 18.0 Multiple Vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1681-4.NASL
    descriptionUSN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O
    last seen2020-06-01
    modified2020-06-02
    plugin id64480
    published2013-02-06
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/64480
    titleUbuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1681-4)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_A4ED66325AA911E28FCBC8600054B392.NASL
    descriptionThe Mozilla Project reports : MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2) MFSA 2013-02 Use-after-free and buffer overflow issues found using Address Sanitizer MFSA 2013-03 Buffer Overflow in Canvas MFSA 2013-04 URL spoofing in addressbar during page loads MFSA 2013-05 Use-after-free when displaying table with many columns and column groups MFSA 2013-06 Touch events are shared across iframes MFSA 2013-07 Crash due to handling of SSL on threads MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during garbage collection MFSA 2013-09 Compartment mismatch with quickstubs returned values MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin policy MFSA 2013-11 Address space layout leaked in XBL objects MFSA 2013-12 Buffer overflow in JavaScript string concatenation MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype MFSA 2013-15 Privilege escalation through plugin objects MFSA 2013-16 Use-after-free in serializeToStream MFSA 2013-17 Use-after-free in ListenerManager MFSA 2013-18 Use-after-free in Vibrate MFSA 2013-19 Use-after-free in JavaScript Proxy objects MFSA 2013-20 Mis-issued TURKTRUST certificates
    last seen2020-06-01
    modified2020-06-02
    plugin id63463
    published2013-01-10
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63463
    titleFreeBSD : mozilla -- multiple vulnerabilities (a4ed6632-5aa9-11e2-8fcb-c8600054b392)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FIREFOX_18_0.NASL
    descriptionThe installed version of Firefox is earlier than 18.0 and thus, is potentially affected by the following security issues : - Multiple unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. (CVE-2012-5829, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771) - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. (CVE-2013-0743) - A use-after-free error exists related to displaying HTML tables with many columns and column groups. (CVE-2013-0744) - An error exists related to the
    last seen2020-06-01
    modified2020-06-02
    plugin id63545
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63545
    titleFirefox < 18.0 Multiple Vulnerabilities (Mac OS X)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_FIREFOX-201301-130110.NASL
    descriptionMozilla Firefox was updated to the 10.0.12ESR release. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2013-01) - Christoph Diehl, Christian Holler, Mats Palmgren, and Chiaki Ishikawa reported memory safety problems and crashes that affect Firefox ESR 10, Firefox ESR 17, and Firefox 17. (CVE-2013-0769) - Bill Gianopoulos, Benoit Jacob, Christoph Diehl, Christian Holler, Gary Kwong, Robert O
    last seen2020-06-05
    modified2013-01-25
    plugin id64136
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64136
    titleSuSE 11.2 Security Update : MozillaFirefox (SAT Patch Number 7224)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2013-0306-1.NASL
    descriptionMozilla Firefox is updated to the 10.0.12ESR version. This is a roll-up update for LTSS. It fixes a lot of security issues and bugs. 10.0.12ESR fixes specifically : MFSA 2013-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Christoph Diehl, Christian Holler, Mats Palmgren, and Chiaki Ishikawa reported memory safety problems and crashes that affect Firefox ESR 10, Firefox ESR 17, and Firefox 17. (CVE-2013-0769) Bill Gianopoulos, Benoit Jacob, Christoph Diehl, Christian Holler, Gary Kwong, Robert O
    last seen2020-06-05
    modified2015-05-20
    plugin id83574
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83574
    titleSUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2013:0306-1)
  • NASL familyWindows
    NASL idMOZILLA_THUNDERBIRD_1702.NASL
    descriptionThe installed version of Thunderbird is earlier than 17.0.2 and thus, is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. (CVE-2013-0743) - A use-after-free error exists related to displaying HTML tables with many columns and column groups. (CVE-2013-0744) - An error exists related to the
    last seen2020-06-01
    modified2020-06-02
    plugin id63553
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63553
    titleMozilla Thunderbird < 17.0.2 Multiple Vulnerabilities
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FIREFOX_17_0_1.NASL
    descriptionThe installed version of Firefox is earlier than 17.0.1 and thus, is potentially affected by the following security issues : - An unspecified memory corruption issue exists. (CVE-2013-0749, CVE-2013-0769) - Multiple, unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. (CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771)
    last seen2020-06-01
    modified2020-06-02
    plugin id63543
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63543
    titleFirefox < 17.0.1 Multiple Vulnerabilities (Mac OS X)
  • NASL familyWindows
    NASL idSEAMONKEY_215.NASL
    descriptionThe installed version of SeaMonkey is earlier than 2.15 and thus, is potentially affected by the following security issues : - Multiple, unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. (CVE-2012-5829, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771) - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. (CVE-2013-0743) - A use-after-free error exists related to displaying HTML tables with many columns and column groups. (CVE-2013-0744) - An error exists related to the
    last seen2020-06-01
    modified2020-06-02
    plugin id63554
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63554
    titleSeaMonkey < 2.15 Multiple Vulnerabilities
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_10012.NASL
    descriptionThe installed version of Firefox 10.x is potentially affected by the following security issues : - Multiple, unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. (CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771) - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. (CVE-2013-0743) - A use-after-free error exists related to displaying HTML tables with many columns and column groups. (CVE-2013-0744) - An error exists related to the
    last seen2020-06-01
    modified2020-06-02
    plugin id63548
    published2013-01-15
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63548
    titleFirefox 10.x < 10.0.12 Multiple Vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1681-3.NASL
    descriptionUSN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, some translations became unusable after upgrading. This update fixes the problem. We apologize for the inconvenience. Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O
    last seen2020-06-01
    modified2020-06-02
    plugin id63665
    published2013-01-23
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63665
    titleUbuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1681-3)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201309-23.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201309-23 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Further, a remote attacker could conduct XSS attacks, spoof URLs, bypass address space layout randomization, conduct clickjacking attacks, obtain potentially sensitive information, bypass access restrictions, modify the local filesystem, or conduct other unspecified attacks. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id70183
    published2013-09-28
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70183
    titleGLSA-201309-23 : Mozilla Products: Multiple vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1681-2.NASL
    descriptionUSN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O
    last seen2020-06-01
    modified2020-06-02
    plugin id63448
    published2013-01-09
    reporterUbuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63448
    titleUbuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1681-2)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_FIREFOX-201301-8426.NASL
    descriptionMozilla Firefox was updated to the 10.0.12ESR release. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2013-01) o Christoph Diehl, Christian Holler, Mats Palmgren, and Chiaki Ishikawa reported memory safety problems and crashes that affect Firefox ESR 10, Firefox ESR 17, and Firefox 17. (CVE-2013-0769) o Bill Gianopoulos, Benoit Jacob, Christoph Diehl, Christian Holler, Gary Kwong, Robert O
    last seen2020-06-05
    modified2013-01-20
    plugin id63626
    published2013-01-20
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63626
    titleSuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 8426)

Oval

accepted2014-10-06T04:02:28.577-04:00
classvulnerability
contributors
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameRichard Helbing
    organizationbaramundi software
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
definition_extensions
  • commentMozilla Seamonkey is installed
    ovaloval:org.mitre.oval:def:6372
  • commentMozilla Thunderbird Mainline release is installed
    ovaloval:org.mitre.oval:def:22093
  • commentMozilla Firefox Mainline release is installed
    ovaloval:org.mitre.oval:def:22259
  • commentMozilla Firefox ESR is installed
    ovaloval:org.mitre.oval:def:22414
  • commentMozilla Thunderbird ESR is installed
    ovaloval:org.mitre.oval:def:22216
descriptionHeap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
familywindows
idoval:org.mitre.oval:def:17019
statusaccepted
submitted2013-05-13T10:26:26.748+04:00
titleHeap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
version39

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 57198 CVE(CAN) ID: CVE-2013-0771 Firefox是一款非常流行的开源WEB浏览器。SeaMonkey是开源的Web浏览器、邮件和新闻组客户端、IRC会话客户端和HTML编辑器。Thunderbird是一个邮件客户端,支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Firefox 18, ESR 17.0.1的gfxTextRun::ShrinkToLigatureBoundaries内存在堆释放后重用漏洞,可导致远程代码执行。 0 Mozilla Firefox 18.0 Mozilla Firefox ESR 17.0.1 Mozilla Firefox ESR 10.0.12 厂商补丁: Mozilla ------- Mozilla已经为此发布了一个安全公告(mfsa2013-02)以及相应补丁: mfsa2013-02:Use-after-free and buffer overflow issues found using Address Sanitizer 链接:https://www.mozilla.org/security/announce/2013/mfsa2013-02.html
idSSV:60577
last seen2017-11-19
modified2013-01-10
published2013-01-10
reporterRoot
titleMozilla Firefox gfxTextRun::ShrinkToLigatureBoundaries堆释放后重用漏洞