CVE-2013-1708 — Mozilla Firefox vulnerability

6 documents6 sources
Severity
4.3MEDIUMNVD
EPSS
5.3%
top 9.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Seamonkey
Timeline
PublishedAug 7
Latest updateMay 17

Description

Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

â–¶NVDmozilla/firefox22.0+6
â–¶NVDmozilla/seamonkey2.20+52

🔴Vulnerability Details

2
GHSA
GHSA-fg7m-9hhw-wp5v: Mozilla Firefox before 23↗2022-05-17
â–¶
CVEList
CVE-2013-1708: Mozilla Firefox before 23↗2013-08-07
â–¶

📋Vendor Advisories

2
Ubuntu
Firefox vulnerabilities↗2013-08-06
â–¶
Red Hat
Mozilla: Crash during WAV audio file decoding (MFSA 2013-67)↗2013-08-06
â–¶

💬Community

1
Bugzilla
CVE-2013-1708 Mozilla: Crash during WAV audio file decoding (MFSA 2013-67)↗2013-08-07
â–¶
CVE-2013-1708 — Mozilla Firefox vulnerability | cvebase