← Volver a CVEs
CVE-2013-1722
N/ADescripcion
Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado9/18/2013
Ultima modificacion4/11/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
mozilla:firefoxmozilla:seamonkeymozilla:thunderbirdmozilla:thunderbird_esr
Debilidades (CWE)
CWE-399
Referencias
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html(security@mozilla.org)
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html(security@mozilla.org)
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00059.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00060.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html(security@mozilla.org)
http://rhn.redhat.com/errata/RHSA-2013-1268.html(security@mozilla.org)
http://rhn.redhat.com/errata/RHSA-2013-1269.html(security@mozilla.org)
http://www.debian.org/security/2013/dsa-2762(security@mozilla.org)
http://www.mozilla.org/security/announce/2013/mfsa2013-79.html(security@mozilla.org)
http://www.securityfocus.com/bid/62460(security@mozilla.org)
http://www.ubuntu.com/usn/USN-1951-1(security@mozilla.org)
http://www.ubuntu.com/usn/USN-1952-1(security@mozilla.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=893308(security@mozilla.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19031(security@mozilla.org)
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00059.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00060.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2013-1268.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2013-1269.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2013/dsa-2762(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2013/mfsa2013-79.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/62460(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1951-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1952-1(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=893308(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19031(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.