What is CVE-2013-1710?

CVE-2013-1710 is a vulnerability in Mozilla Firefox, classified under Improper Input Validation. Published 2013-08-07.

Is CVE-2013-1710 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Mozilla Firefox

CVE-2013-1710

The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary J…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.765 (99.0th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox — versions 19.0, 19.0.1, 19.0.2
Mozilla Seamonkey — versions 2.0, 2.0.1, 2.0.2
Mozilla Thunderbird — versions 17.0, 17.0.1, 17.0.2
Mozilla Thunderbird_esr — versions 17.0, 17.0.1, 17.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

security@mozilla.org (x_refsource_CONFIRM, Vendor Advisory)
DSA-2746 (vendor-advisory, x_refsource_DEBIAN)
oval:org.mitre.oval:def:18773 (x_refsource_OVAL, signature, vdb-entry)
61900 (vdb-entry, x_refsource_BID)
DSA-2735 (vendor-advisory, x_refsource_DEBIAN)
security@mozilla.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2013-1710?: CVE-2013-1710 is a vulnerability in Mozilla Firefox, classified under Improper Input Validation. Published 2013-08-07.
Is CVE-2013-1710 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.