CVE-2013-6672 — Sensitive Information Exposure in Mozilla Firefox

CWE-200 — Sensitive Information Exposure6 documents6 sources

Severity

4.3MEDIUMNVD

EPSS

0.9%

top 23.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Seamonkey Canonical Ubuntu Linux +6 more

Timeline

PublishedDec 11

Latest updateMay 13

Description

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages7 packages

▶NVDmozilla/firefox< 26.0

▶NVDmozilla/seamonkey< 2.23

▶NVDsuse/linux_enterprise_server11

▶NVDsuse/linux_enterprise_desktop11

▶NVDsuse/linux_enterprise_software_development_kit11

Also affects: Ubuntu Linux 12.04, 12.10, 13.04, 13.10, Fedora 19, 20

🔴Vulnerability Details

GHSA

GHSA-g253-7hfj-2j46: Mozilla Firefox before 26↗2022-05-13

▶

CVEList

CVE-2013-6672: Mozilla Firefox before 26↗2013-12-11

▶

📋Vendor Advisories

Ubuntu

Firefox vulnerabilities↗2013-12-11

▶

Red Hat

Mozilla: Linux clipboard information disclosure though selection paste (MFSA 2013-112)↗2013-12-10

▶

💬Community

Bugzilla

CVE-2013-6672 Mozilla: Linux clipboard information disclosure though selection paste (MFSA 2013-112)↗2013-12-09

▶