CVE-2013-1721Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-190Integer Overflow or Wraparound7 documents6 sources
Severity
9.3CRITICALNVD
EPSS
0.9%
top 24.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Seamonkey
Timeline
PublishedSep 18
Latest updateMay 17

Description

Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDmozilla/firefox23.0.1+8
NVDmozilla/seamonkey2.20+36

🔴Vulnerability Details

2
GHSA
GHSA-6wjc-39pw-x8v5: Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox befo2022-05-17
CVEList
CVE-2013-1721: Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox befo2013-09-18

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2013-09-18
Red Hat
Mozilla: Integer overflow in ANGLE library (MFSA 2013-78)2013-09-17
Ubuntu
Firefox vulnerabilities2013-09-17

💬Community

1
Bugzilla
CVE-2013-1721 Mozilla: Integer overflow in ANGLE library (MFSA 2013-78)2013-09-18
CVE-2013-1721 — Mozilla Firefox vulnerability | cvebase