Vulnerability in Mozilla Firefox
CVE-2013-5599
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24…
EPSS: 0.027 (86.2th percentile) — read the EPSS interpretation.
Affected products
- Mozilla Firefox — versions 19.0, 19.0.1, 19.0.2
- Mozilla Seamonkey — versions 2.0, 2.0.1, 2.0.2
- Mozilla Thunderbird — versions 17.0, 17.0.1, 17.0.2
- Mozilla Thunderbird_esr — versions 17.0, 17.0.1, 17.0.2
- N/a — versions n/a
References
- security@mozilla.org (x_refsource_CONFIRM, Vendor Advisory)
- openSUSE-SU-2013:1633 (vendor-advisory, x_refsource_SUSE)
- GLSA-201504-01 (vendor-advisory, x_refsource_GENTOO)
- RHSA-2013:1480 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2013:1476 (x_refsource_REDHAT, vendor-advisory)
- oval:org.mitre.oval:def:19315 (x_refsource_OVAL, signature, vdb-entry)
- openSUSE-SU-2013:1634 (vendor-advisory, x_refsource_SUSE)
- DSA-2788 (vendor-advisory, x_refsource_DEBIAN)
- SUSE-SU-2013:1678 (vendor-advisory, x_refsource_SUSE)
- DSA-2797 (vendor-advisory, x_refsource_DEBIAN)