CVE-2013-1671

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-1671 at MITRE

Description

Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

SUSE information

SUSE Bugzilla entry: 819204

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • MozillaFirefox >= 21.0-1.18.1
  • MozillaFirefox-branding-openSUSE >= 21-2.5.1
  • MozillaFirefox-branding-upstream >= 21.0-1.18.1
  • MozillaFirefox-buildsymbols >= 21.0-1.18.1
  • MozillaFirefox-debuginfo >= 21.0-1.18.1
  • MozillaFirefox-debugsource >= 21.0-1.18.1
  • MozillaFirefox-devel >= 21.0-1.18.1
  • MozillaFirefox-translations-common >= 21.0-1.18.1
  • MozillaFirefox-translations-other >= 21.0-1.18.1
  • mozilla-nspr >= 4.9.6-1.7.1
  • mozilla-nspr-32bit >= 4.9.6-1.7.1
  • mozilla-nspr-debuginfo >= 4.9.6-1.7.1
  • mozilla-nspr-debuginfo-32bit >= 4.9.6-1.7.1
  • mozilla-nspr-debugsource >= 4.9.6-1.7.1
  • mozilla-nspr-devel >= 4.9.6-1.7.1
Patchnames:
openSUSE-2013-438
openSUSE Evergreen 11.4
  • MozillaFirefox >= 21.0-75.2
  • MozillaFirefox-branding-openSUSE >= 21-16.1
  • MozillaFirefox-branding-upstream >= 21.0-75.2
  • MozillaFirefox-buildsymbols >= 21.0-75.2
  • MozillaFirefox-debuginfo >= 21.0-75.2
  • MozillaFirefox-debugsource >= 21.0-75.2
  • MozillaFirefox-devel >= 21.0-75.2
  • MozillaFirefox-translations-common >= 21.0-75.2
  • MozillaFirefox-translations-other >= 21.0-75.2
  • MozillaThunderbird >= 17.0.6-61.2
  • MozillaThunderbird-buildsymbols >= 17.0.6-61.2
  • MozillaThunderbird-debuginfo >= 17.0.6-61.2
  • MozillaThunderbird-debugsource >= 17.0.6-61.2
  • MozillaThunderbird-devel >= 17.0.6-61.2
  • MozillaThunderbird-devel-debuginfo >= 17.0.6-61.2
  • MozillaThunderbird-translations-common >= 17.0.6-61.2
  • MozillaThunderbird-translations-other >= 17.0.6-61.2
  • enigmail >= 1.5.1+17.0.6-61.2
  • enigmail-debuginfo >= 1.5.1+17.0.6-61.2
Patchnames:
2013-85