CVE-2013-5610
First published: Wed Dec 11 2013(Updated: )
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <26.0 | |
| Mozilla SeaMonkey | <2.23 | |
| Oracle Solaris SPARC | =11.3 | |
| Fedoraproject Fedora | =18 | |
| Fedoraproject Fedora | =19 | |
| Fedoraproject Fedora | =20 | |
| Ubuntu Linux | =12.04 | |
| Ubuntu Linux | =12.10 | |
| Ubuntu Linux | =13.04 | |
| Ubuntu Linux | =13.10 | |
| openSUSE | =12.2 | |
| openSUSE | =12.3 | |
| openSUSE | =13.1 | |
| SUSE Linux Enterprise Desktop with Beagle | =11-sp3 | |
| SUSE Linux Enterprise Server | =11-sp3 | |
| suse linux enterprise server vmware | =11-sp3 | |
| SUSE Linux Enterprise Software Development Kit | =11-sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
- http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
- http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-104.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securitytracker.com/id/1029470
- http://www.securitytracker.com/id/1029476
- http://www.ubuntu.com/usn/USN-2052-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=890432
- https://bugzilla.mozilla.org/show_bug.cgi?id=905903
- https://security.gentoo.org/glsa/201504-01
Frequently Asked Questions
What is the severity of CVE-2013-5610?
CVE-2013-5610 has a severity level that could allow remote attackers to cause a denial of service or potentially execute arbitrary code.
How do I fix CVE-2013-5610?
To address CVE-2013-5610, you should upgrade to Mozilla Firefox version 26.0 or later and SeaMonkey version 2.23 or later.
What software is affected by CVE-2013-5610?
CVE-2013-5610 affects multiple versions of Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23, as well as specific versions of Oracle Solaris and various Fedora and Ubuntu distributions.
Can CVE-2013-5610 lead to an application crash?
Yes, CVE-2013-5610 can result in memory corruption that leads to application crashes.
Is there a risk of arbitrary code execution with CVE-2013-5610?
Yes, CVE-2013-5610 poses a risk of arbitrary code execution due to the unspecified vulnerabilities in the browser engine.
- agent/references
- agent/type
- agent/severity
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/mozilla
- canonical/mozilla firefox
- canonical/mozilla seamonkey
- vendor/oracle
- canonical/oracle solaris sparc
- version/oracle solaris sparc/11.3
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/18
- version/fedoraproject fedora/19
- version/fedoraproject fedora/20
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/12.04
- version/ubuntu linux/12.10
- version/ubuntu linux/13.04
- version/ubuntu linux/13.10
- vendor/opensuse
- canonical/opensuse
- version/opensuse/12.2
- version/opensuse/12.3
- version/opensuse/13.1
- vendor/suse
- canonical/suse linux enterprise desktop with beagle
- version/suse linux enterprise desktop with beagle/11-sp3
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11-sp3
- canonical/suse linux enterprise server vmware
- version/suse linux enterprise server vmware/11-sp3
- canonical/suse linux enterprise software development kit
- version/suse linux enterprise software development kit/11-sp3