CVE-2013-1720 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents6 sources

Severity

6.8MEDIUMNVD

EPSS

2.7%

top 14.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird

Timeline

PublishedSep 18

Latest updateMay 17

Description

The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶NVDmozilla/firefox23.0.1+8

▶NVDmozilla/seamonkey2.20+36

▶NVDmozilla/thunderbird17.0.9+9

🔴Vulnerability Details

GHSA

GHSA-42xr-fff6-m3hh: The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24↗2022-05-17

▶

CVEList

CVE-2013-1720: The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24↗2013-09-18

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2013-09-18

▶

Red Hat

Mozilla: Improper state in HTML5 Tree Builder with templates (MFSA 2013-77)↗2013-09-17

▶

Ubuntu

Firefox vulnerabilities↗2013-09-17

▶

💬Community

Bugzilla

CVE-2013-1720 Mozilla: Improper state in HTML5 Tree Builder with templates (MFSA 2013-77)↗2013-09-18

▶