CVE-2013-5595Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents6 sources
Severity
4.3MEDIUMNVD
EPSS
2.6%
top 14.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Mozilla FirefoxMozilla SeamonkeyMozilla Thunderbird+1 more
Timeline
PublishedOct 30
Latest updateMay 17

Description

The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

NVDmozilla/firefox24.0+22
NVDmozilla/thunderbird24.0.1+10
NVDmozilla/thunderbird_esr10 versions+9
NVDmozilla/seamonkey2.22+38

🔴Vulnerability Details

2
GHSA
GHSA-c8rm-xfhj-7h6v: The JavaScript engine in Mozilla Firefox before 252022-05-17
CVEList
CVE-2013-5595: The JavaScript engine in Mozilla Firefox before 252013-10-30

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2013-10-31
Ubuntu
Firefox vulnerabilities2013-10-29
Red Hat
Mozilla: Improperly initialized memory and overflows in some JavaScript functions (MFSA 2013-96)2013-10-29

💬Community

1
Bugzilla
CVE-2013-5595 Mozilla: Improperly initialized memory and overflows in some JavaScript functions (MFSA 2013-96)2013-10-28
CVE-2013-5595 — Mozilla Firefox vulnerability | cvebase