CVE-2013-0796
First published: Wed Apr 03 2013(Updated: )
The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Mozilla Firefox | <20.0 | |
| Linux Kernel | ||
| All of | ||
| Mozilla Firefox | >=17.0<17.0.5 | |
| Linux Kernel | ||
| All of | ||
| Mozilla Thunderbird | >=17.0<17.0.5 | |
| Linux Kernel | ||
| All of | ||
| Mozilla Thunderbird ESR | >=17.0<17.0.5 | |
| Linux Kernel | ||
| All of | ||
| Mozilla SeaMonkey | <2.17 | |
| Linux Kernel | ||
| Mozilla Firefox | <20.0 | |
| Linux Kernel | ||
| Mozilla Firefox ESR | >=17.0<17.0.5 | |
| Mozilla Thunderbird | >=17.0<17.0.5 | |
| Mozilla Thunderbird ESR | >=17.0<17.0.5 | |
| Mozilla SeaMonkey | <2.17 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html
- http://rhn.redhat.com/errata/RHSA-2013-0696.html
- http://rhn.redhat.com/errata/RHSA-2013-0697.html
- http://www.debian.org/security/2013/dsa-2699
- http://www.mozilla.org/security/announce/2013/mfsa2013-35.html
- http://www.ubuntu.com/usn/USN-1791-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=827106
- https://bugzilla.mozilla.org/show_bug.cgi?id=838413
- agent/references
- agent/type
- agent/severity
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/mozilla
- canonical/mozilla firefox
- vendor/linux
- canonical/linux kernel
- version/mozilla firefox/17.0
- canonical/mozilla thunderbird
- version/mozilla thunderbird/17.0
- canonical/mozilla thunderbird esr
- version/mozilla thunderbird esr/17.0
- canonical/mozilla seamonkey
- canonical/mozilla firefox esr
- version/mozilla firefox esr/17.0