CVE-2013-5619 — Integer Overflow or Wraparound in Mozilla Firefox

CWE-190 — Integer Overflow or Wraparound6 documents6 sources

Severity

7.5HIGHNVD

EPSS

1.7%

top 17.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Seamonkey Canonical Ubuntu Linux +6 more

Timeline

PublishedDec 11

Latest updateMay 13

Description

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages7 packages

▶NVDmozilla/firefox< 26.0

▶NVDmozilla/seamonkey< 2.23

▶NVDoracle/solaris11.3

▶NVDopensuse/opensuse12.2, 13.1+1

▶NVDsuse/linux_enterprise_server11

Also affects: Fedora 19, 20, Ubuntu Linux 12.04, 12.10, 13.04, 13.10

🔴Vulnerability Details

GHSA

GHSA-cjg8-q3v9-46r8: Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26↗2022-05-13

▶

CVEList

CVE-2013-5619: Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26↗2013-12-11

▶

📋Vendor Advisories

Ubuntu

Firefox vulnerabilities↗2013-12-11

▶

Red Hat

Mozilla: Potential overflow in JavaScript binary search algorithms (MFSA 2013-110)↗2013-12-10

▶

💬Community

Bugzilla

CVE-2013-5619 Mozilla: Potential overflow in JavaScript binary search algorithms (MFSA 2013-110)↗2013-12-09

▶