CVE-2013-1689Improper Input Validation in Mozilla Firefox

CWE-20Improper Input Validation2 documents2 sources
Severity
6.5MEDIUMNVD
EPSS
0.4%
top 41.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedDec 10
Latest updateMay 5

Description

Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDmozilla/firefox19.0.2+1
CVEListV5mozilla/firefox20.0a1

🔴Vulnerability Details

1
GHSA
GHSA-2493-x4rf-23h9: Mozilla Firefox 202022-05-05