First published: Tue Feb 19 2013(Updated: )
Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
Credit: security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Firefox | <19.0 | |
Mozilla SeaMonkey | <2.16 | |
SUSE Linux | =11.4 | |
SUSE Linux | =12.1 | |
SUSE Linux | =12.2 | |
Ubuntu | =10.04 | |
Ubuntu | =11.10 | |
Ubuntu | =12.04 | |
Ubuntu | =12.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-0765 is classified as a medium severity vulnerability that allows remote attackers to bypass access restrictions.
To fix CVE-2013-0765, update to Mozilla Firefox version 19.0, Thunderbird version 17.0.3, or SeaMonkey version 2.16 or later.
CVE-2013-0765 affects Mozilla Firefox versions before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16.
CVE-2013-0765 can be exploited by remote attackers through unspecified vectors to bypass intended access restrictions.
CVE-2013-0765 is not a concern for currently supported versions of affected software that have been updated to include security patches.