CVE-2013-0796
First published: Wed Apr 03 2013(Updated: )
The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <20.0 | |
| Linux Linux kernel | ||
| Mozilla Firefox ESR | >=17.0<17.0.5 | |
| Mozilla Thunderbird | >=17.0<17.0.5 | |
| Mozilla Thunderbird Esr | >=17.0<17.0.5 | |
| Mozilla SeaMonkey | <2.17 | |
| All of | ||
| Mozilla Firefox | <20.0 | |
| Linux Linux kernel | ||
| All of | ||
| Mozilla Firefox | >=17.0<17.0.5 | |
| Linux Linux kernel | ||
| All of | ||
| Mozilla Thunderbird | >=17.0<17.0.5 | |
| Linux Linux kernel | ||
| All of | ||
| Mozilla Thunderbird Esr | >=17.0<17.0.5 | |
| Linux Linux kernel | ||
| All of | ||
| Mozilla SeaMonkey | <2.17 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html
- http://rhn.redhat.com/errata/RHSA-2013-0696.html
- http://rhn.redhat.com/errata/RHSA-2013-0697.html
- http://www.debian.org/security/2013/dsa-2699
- http://www.mozilla.org/security/announce/2013/mfsa2013-35.html
- http://www.ubuntu.com/usn/USN-1791-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=827106
- https://bugzilla.mozilla.org/show_bug.cgi?id=838413
- agent/references
- agent/type
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/author
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/mozilla
- canonical/mozilla firefox
- vendor/linux
- canonical/linux linux kernel
- canonical/mozilla firefox esr
- version/mozilla firefox esr/17.0
- canonical/mozilla thunderbird
- version/mozilla thunderbird/17.0
- canonical/mozilla thunderbird esr
- version/mozilla thunderbird esr/17.0
- canonical/mozilla seamonkey
- version/mozilla firefox/17.0