CVE-2013-1731 — Improper Input Validation in Mozilla Firefox

CWE-20 — Improper Input Validation2 documents2 sources

Severity

6.8MEDIUMNVD

EPSS

1.0%

top 22.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox

Timeline

PublishedSep 18

Latest updateMay 17

Description

Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDmozilla/firefox23.0.1+8

🔴Vulnerability Details

GHSA

GHSA-7wjp-9g5c-9mjc: Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24↗2022-05-17

▶