Mozilla Firefox, Thunderbird and Seamonkey Multiple Vulnerabilities
Last Update Date:
21 Feb 2013
Release Date:
20 Feb 2013
4538
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Mozilla Firefox, Thunderbird and Seamonkey, which can be exploited by remote attackers to execute arbitrary code and gather sensitive information.
- Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
- Phishing on HTTPS connection through malicious proxy
- Use-after-free in nsImageLoadingContent
- Web content bypass of COW and SOW security wrappers
- Wrapped WebIDL objects can be wrapped again
- Miscellaneous memory safety hazards
Impact
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Firefox versions prior to 19
- Thunderbird versions prior to 17.0.3
- Seamonkey versions prior to 2.16
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (Firefox 19, Thunderbird 17.0.3, Seamonkey 2.16).
Vulnerability Identifier
- CVE-2013-0765
- CVE-2013-0772
- CVE-2013-0773
- CVE-2013-0774
- CVE-2013-0775
- CVE-2013-0776
- CVE-2013-0777
- CVE-2013-0778
- CVE-2013-0779
- CVE-2013-0780
- CVE-2013-0781
- CVE-2013-0782
- CVE-2013-0783
- CVE-2013-0784
Source
Related Link
Share with