← Back to CVEs

CVE-2013-5615

CRITICAL

9.8

Description

The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.

CVE Details

CVSS v3.1 Score9.8

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published12/11/2013

Last Modified11/25/2025

Sourcenvd

Honeypot Sightings0

Affected Products

canonical:ubuntu_linuxfedoraproject:fedoramozilla:firefoxmozilla:seamonkeymozilla:thunderbirdopensuse:opensusesuse:suse_linux_enterprise_desktopsuse:suse_linux_enterprise_serversuse:suse_linux_enterprise_software_development_kit

References

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html(security@mozilla.org)

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html(security@mozilla.org)

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html(security@mozilla.org)

http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html(security@mozilla.org)

http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html(security@mozilla.org)

http://www.mozilla.org/security/announce/2013/mfsa2013-115.html(security@mozilla.org)

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html(security@mozilla.org)

http://www.securitytracker.com/id/1029470(security@mozilla.org)

http://www.securitytracker.com/id/1029476(security@mozilla.org)

http://www.ubuntu.com/usn/USN-2052-1(security@mozilla.org)

http://www.ubuntu.com/usn/USN-2053-1(security@mozilla.org)

https://bugzilla.mozilla.org/show_bug.cgi?id=929261(security@mozilla.org)

https://security.gentoo.org/glsa/201504-01(security@mozilla.org)

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.mozilla.org/security/announce/2013/mfsa2013-115.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1029470(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1029476(af854a3a-2127-422b-91ae-364da2661108)

http://www.ubuntu.com/usn/USN-2052-1(af854a3a-2127-422b-91ae-364da2661108)

http://www.ubuntu.com/usn/USN-2053-1(af854a3a-2127-422b-91ae-364da2661108)

https://bugzilla.mozilla.org/show_bug.cgi?id=929261(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/201504-01(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.