CVE-2013-1675

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-1675 at MITRE

Description

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
CVSS v2 Scores
  National Vulnerability Database
Base Score 4.30
Vector AV:N/AC:M/Au:N/C:P/I:N/A:N
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None

SUSE information

SUSE Bugzilla entry: 819204 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • MozillaFirefox >= 21.0-1.18.1
  • MozillaFirefox-branding-openSUSE >= 21-2.5.1
  • MozillaFirefox-branding-upstream >= 21.0-1.18.1
  • MozillaFirefox-buildsymbols >= 21.0-1.18.1
  • MozillaFirefox-debuginfo >= 21.0-1.18.1
  • MozillaFirefox-debugsource >= 21.0-1.18.1
  • MozillaFirefox-devel >= 21.0-1.18.1
  • MozillaFirefox-translations-common >= 21.0-1.18.1
  • MozillaFirefox-translations-other >= 21.0-1.18.1
  • MozillaThunderbird >= 17.0.6-61.13.1
  • MozillaThunderbird-buildsymbols >= 17.0.6-61.13.1
  • MozillaThunderbird-debuginfo >= 17.0.6-61.13.1
  • MozillaThunderbird-debugsource >= 17.0.6-61.13.1
  • MozillaThunderbird-devel >= 17.0.6-61.13.1
  • MozillaThunderbird-devel-debuginfo >= 17.0.6-61.13.1
  • MozillaThunderbird-translations-common >= 17.0.6-61.13.1
  • MozillaThunderbird-translations-other >= 17.0.6-61.13.1
  • enigmail >= 1.5.1+17.0.6-61.13.1
  • enigmail-debuginfo >= 1.5.1+17.0.6-61.13.1
  • mozilla-js >= 17.0.6-1.12.1
  • mozilla-js-32bit >= 17.0.6-1.12.1
  • mozilla-js-debuginfo >= 17.0.6-1.12.1
  • mozilla-js-debuginfo-32bit >= 17.0.6-1.12.1
  • mozilla-nspr >= 4.9.6-1.7.1
  • mozilla-nspr-32bit >= 4.9.6-1.7.1
  • mozilla-nspr-debuginfo >= 4.9.6-1.7.1
  • mozilla-nspr-debuginfo-32bit >= 4.9.6-1.7.1
  • mozilla-nspr-debugsource >= 4.9.6-1.7.1
  • mozilla-nspr-devel >= 4.9.6-1.7.1
  • xulrunner >= 17.0.6-1.12.1
  • xulrunner-32bit >= 17.0.6-1.12.1
  • xulrunner-buildsymbols >= 17.0.6-1.12.1
  • xulrunner-debuginfo >= 17.0.6-1.12.1
  • xulrunner-debuginfo-32bit >= 17.0.6-1.12.1
  • xulrunner-debugsource >= 17.0.6-1.12.1
  • xulrunner-devel >= 17.0.6-1.12.1
  • xulrunner-devel-debuginfo >= 17.0.6-1.12.1
Patchnames:
openSUSE-2013-438
openSUSE-2013-447
openSUSE-2013-448
openSUSE Evergreen 11.4
  • MozillaFirefox >= 24.8.0-127.1
  • MozillaFirefox-branding-openSUSE >= 21-16.1
  • MozillaFirefox-branding-upstream >= 24.8.0-127.1
  • MozillaFirefox-buildsymbols >= 24.8.0-127.1
  • MozillaFirefox-debuginfo >= 24.8.0-127.1
  • MozillaFirefox-debugsource >= 24.8.0-127.1
  • MozillaFirefox-devel >= 24.8.0-127.1
  • MozillaFirefox-translations-common >= 24.8.0-127.1
  • MozillaFirefox-translations-other >= 24.8.0-127.1
  • MozillaThunderbird >= 17.0.6-61.2
  • MozillaThunderbird-buildsymbols >= 17.0.6-61.2
  • MozillaThunderbird-debuginfo >= 17.0.6-61.2
  • MozillaThunderbird-debugsource >= 17.0.6-61.2
  • MozillaThunderbird-devel >= 17.0.6-61.2
  • MozillaThunderbird-devel-debuginfo >= 17.0.6-61.2
  • MozillaThunderbird-translations-common >= 17.0.6-61.2
  • MozillaThunderbird-translations-other >= 17.0.6-61.2
  • enigmail >= 1.5.1+17.0.6-61.2
  • enigmail-debuginfo >= 1.5.1+17.0.6-61.2
  • libfreebl3 >= 3.16.4-94.1
  • libfreebl3-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo >= 3.16.4-94.1
  • libfreebl3-debuginfo-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo-x86 >= 3.16.4-94.1
  • libfreebl3-x86 >= 3.16.4-94.1
  • libsoftokn3 >= 3.16.4-94.1
  • libsoftokn3-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo >= 3.16.4-94.1
  • libsoftokn3-debuginfo-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo-x86 >= 3.16.4-94.1
  • libsoftokn3-x86 >= 3.16.4-94.1
  • mozilla-nss >= 3.16.4-94.1
  • mozilla-nss-32bit >= 3.16.4-94.1
  • mozilla-nss-certs >= 3.16.4-94.1
  • mozilla-nss-certs-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-certs-x86 >= 3.16.4-94.1
  • mozilla-nss-debuginfo >= 3.16.4-94.1
  • mozilla-nss-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-debugsource >= 3.16.4-94.1
  • mozilla-nss-devel >= 3.16.4-94.1
  • mozilla-nss-sysinit >= 3.16.4-94.1
  • mozilla-nss-sysinit-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-sysinit-x86 >= 3.16.4-94.1
  • mozilla-nss-tools >= 3.16.4-94.1
  • mozilla-nss-tools-debuginfo >= 3.16.4-94.1
  • mozilla-nss-x86 >= 3.16.4-94.1
Patchnames:
2013-85
2014-82