CVE-2013-0782: Buffer Overflow
First published: Tue Feb 19 2013(Updated: )
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | <17.0.3 | |
| Firefox | <19.0 | |
| Mozilla SeaMonkey | <2.16 | |
| Thunderbird | <17.0.3 | |
| Mozilla Thunderbird | <17.0.3 | |
| SUSE Linux | =11.4 | |
| SUSE Linux | =12.1 | |
| SUSE Linux | =12.2 | |
| Red Hat Enterprise Linux | =5.9 | |
| Red Hat Enterprise Linux Desktop | =5.0 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Server EUS | =5.9 | |
| Red Hat Enterprise Linux Server EUS | =6.3 | |
| Red Hat Enterprise Linux Server | =5.0 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Workstation | =5.0 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Debian | =7.0 | |
| Ubuntu | =10.04 | |
| Ubuntu | =11.10 | |
| Ubuntu | =12.04 | |
| Ubuntu | =12.10 | |
| Firefox ESR | <17.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html
- http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html
- http://rhn.redhat.com/errata/RHSA-2013-0271.html
- http://rhn.redhat.com/errata/RHSA-2013-0272.html
- http://www.debian.org/security/2013/dsa-2699
- http://www.mozilla.org/security/announce/2013/mfsa2013-28.html
- http://www.ubuntu.com/usn/USN-1729-1
- http://www.ubuntu.com/usn/USN-1729-2
- http://www.ubuntu.com/usn/USN-1748-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=827070
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16906
Frequently Asked Questions
What is the severity of CVE-2013-0782?
CVE-2013-0782 has a high severity level due to its potential for allowing remote code execution.
How do I fix CVE-2013-0782?
To fix CVE-2013-0782, update Mozilla Firefox, Thunderbird, or SeaMonkey to the latest versions that are not affected.
What versions are affected by CVE-2013-0782?
CVE-2013-0782 affects Mozilla Firefox versions before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16.
Can CVE-2013-0782 be exploited remotely?
Yes, CVE-2013-0782 can be exploited remotely by attackers to execute arbitrary code.
Is CVE-2013-0782 specific to any operating systems?
CVE-2013-0782 is not limited to specific operating systems but affects various versions of browsers across platforms.
- agent/type
- agent/weakness
- agent/severity
- agent/remedy
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/author
- agent/source
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/mozilla
- canonical/firefox
- canonical/mozilla seamonkey
- canonical/thunderbird
- canonical/mozilla thunderbird
- vendor/opensuse
- canonical/suse linux
- version/suse linux/11.4
- version/suse linux/12.1
- version/suse linux/12.2
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5.9
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/5.0
- version/red hat enterprise linux desktop/6.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/5.9
- version/red hat enterprise linux server eus/6.3
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/5.0
- version/red hat enterprise linux server/6.0
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/5.0
- version/red hat enterprise linux workstation/6.0
- vendor/debian
- canonical/debian
- version/debian/7.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/10.04
- version/ubuntu/11.10
- version/ubuntu/12.04
- version/ubuntu/12.10
- canonical/firefox esr