CVE-2013-0799: Buffer Overflow
First published: Wed Apr 03 2013(Updated: )
Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Firefox | <=19.0.2 | |
| Firefox | =19.0 | |
| Firefox | =19.0.1 | |
| Microsoft Windows Operating System | ||
| All of | ||
| Any of | ||
| Firefox | =17.0 | |
| Firefox | =17.0.1 | |
| Firefox | =17.0.2 | |
| Firefox | =17.0.3 | |
| Firefox | =17.0.4 | |
| Microsoft Windows Operating System | ||
| All of | ||
| Any of | ||
| Thunderbird | =17.0 | |
| Thunderbird | =17.0.1 | |
| Thunderbird | =17.0.2 | |
| Thunderbird | =17.0.3 | |
| Thunderbird | =17.0.4 | |
| Microsoft Windows Operating System | ||
| All of | ||
| Any of | ||
| Mozilla Thunderbird | =17.0 | |
| Mozilla Thunderbird | =17.0.1 | |
| Mozilla Thunderbird | =17.0.2 | |
| Mozilla Thunderbird | =17.0.3 | |
| Mozilla Thunderbird | =17.0.4 | |
| Microsoft Windows Operating System | ||
| Firefox | <=19.0.2 | |
| Firefox | =19.0 | |
| Firefox | =19.0.1 | |
| Microsoft Windows Operating System | ||
| Firefox ESR | =17.0 | |
| Firefox ESR | =17.0.1 | |
| Firefox ESR | =17.0.2 | |
| Firefox ESR | =17.0.3 | |
| Firefox ESR | =17.0.4 | |
| Thunderbird | =17.0 | |
| Thunderbird | =17.0.1 | |
| Thunderbird | =17.0.2 | |
| Thunderbird | =17.0.3 | |
| Thunderbird | =17.0.4 | |
| Mozilla Thunderbird | =17.0 | |
| Mozilla Thunderbird | =17.0.1 | |
| Mozilla Thunderbird | =17.0.2 | |
| Mozilla Thunderbird | =17.0.3 | |
| Mozilla Thunderbird | =17.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-32.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=848417
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17155
Frequently Asked Questions
What is the severity of CVE-2013-0799?
CVE-2013-0799 is classified as a critical vulnerability that may allow local users to gain elevated privileges.
How do I fix CVE-2013-0799?
To fix CVE-2013-0799, update Mozilla Firefox, Thunderbird, or their ESR versions to version 20.0 or newer.
Which versions of Mozilla Firefox are affected by CVE-2013-0799?
CVE-2013-0799 affects Mozilla Firefox versions prior to 20.0, including 19.0.2 and earlier.
Which versions of Thunderbird are impacted by CVE-2013-0799?
CVE-2013-0799 impacts Thunderbird versions prior to 17.0.5, including 17.0 to 17.0.4.
Can CVE-2013-0799 be exploited remotely?
No, CVE-2013-0799 is a local privilege escalation vulnerability that requires local user access to exploit.
- agent/type
- agent/severity
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/first-publish-date
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/source
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/mozilla
- canonical/firefox
- version/firefox/19.0.2
- version/firefox/19.0
- version/firefox/19.0.1
- vendor/microsoft
- canonical/microsoft windows operating system
- version/firefox/17.0
- version/firefox/17.0.1
- version/firefox/17.0.2
- version/firefox/17.0.3
- version/firefox/17.0.4
- canonical/thunderbird
- version/thunderbird/17.0
- version/thunderbird/17.0.1
- version/thunderbird/17.0.2
- version/thunderbird/17.0.3
- version/thunderbird/17.0.4
- canonical/mozilla thunderbird
- version/mozilla thunderbird/17.0
- version/mozilla thunderbird/17.0.1
- version/mozilla thunderbird/17.0.2
- version/mozilla thunderbird/17.0.3
- version/mozilla thunderbird/17.0.4
- canonical/firefox esr
- version/firefox esr/17.0
- version/firefox esr/17.0.1
- version/firefox esr/17.0.2
- version/firefox esr/17.0.3
- version/firefox esr/17.0.4