CVE-2013-1738

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-1738 at MITRE

Description

Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.

NVD CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

SUSE information

SUSE Bugzilla entry: 840485

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • MozillaFirefox >= 24.0-1.33.1
  • MozillaFirefox-branding-upstream >= 24.0-1.33.1
  • MozillaFirefox-buildsymbols >= 24.0-1.33.1
  • MozillaFirefox-debuginfo >= 24.0-1.33.1
  • MozillaFirefox-debugsource >= 24.0-1.33.1
  • MozillaFirefox-devel >= 24.0-1.33.1
  • MozillaFirefox-translations-common >= 24.0-1.33.1
  • MozillaFirefox-translations-other >= 24.0-1.33.1
  • MozillaThunderbird >= 24.0-61.25.2
  • MozillaThunderbird-buildsymbols >= 24.0-61.25.2
  • MozillaThunderbird-debuginfo >= 24.0-61.25.2
  • MozillaThunderbird-debugsource >= 24.0-61.25.2
  • MozillaThunderbird-devel >= 24.0-61.25.2
  • MozillaThunderbird-translations-common >= 24.0-61.25.2
  • MozillaThunderbird-translations-other >= 24.0-61.25.2
  • enigmail >= 1.5.2+24.0-61.25.2
  • enigmail-debuginfo >= 1.5.2+24.0-61.25.2
  • seamonkey >= 2.21-1.21.2
  • seamonkey-debuginfo >= 2.21-1.21.2
  • seamonkey-debugsource >= 2.21-1.21.2
  • seamonkey-dom-inspector >= 2.21-1.21.2
  • seamonkey-irc >= 2.21-1.21.2
  • seamonkey-translations-common >= 2.21-1.21.2
  • seamonkey-translations-other >= 2.21-1.21.2
  • seamonkey-venkman >= 2.21-1.21.2
Patchnames:
openSUSE-2013-718
openSUSE-2013-719
openSUSE-2013-720
openSUSE Evergreen 11.4
  • MozillaFirefox >= 24.8.0-127.1
  • MozillaFirefox-branding-upstream >= 24.8.0-127.1
  • MozillaFirefox-buildsymbols >= 24.8.0-127.1
  • MozillaFirefox-debuginfo >= 24.8.0-127.1
  • MozillaFirefox-debugsource >= 24.8.0-127.1
  • MozillaFirefox-devel >= 24.8.0-127.1
  • MozillaFirefox-translations-common >= 24.8.0-127.1
  • MozillaFirefox-translations-other >= 24.8.0-127.1
  • MozillaThunderbird >= 24.0-73.3
  • MozillaThunderbird-buildsymbols >= 24.0-73.3
  • MozillaThunderbird-debuginfo >= 24.0-73.3
  • MozillaThunderbird-debugsource >= 24.0-73.3
  • MozillaThunderbird-devel >= 24.0-73.3
  • MozillaThunderbird-translations-common >= 24.0-73.3
  • MozillaThunderbird-translations-other >= 24.0-73.3
  • enigmail >= 1.5.2+24.0-73.3
  • libfreebl3 >= 3.16.4-94.1
  • libfreebl3-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo >= 3.16.4-94.1
  • libfreebl3-debuginfo-32bit >= 3.16.4-94.1
  • libfreebl3-debuginfo-x86 >= 3.16.4-94.1
  • libfreebl3-x86 >= 3.16.4-94.1
  • libsoftokn3 >= 3.16.4-94.1
  • libsoftokn3-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo >= 3.16.4-94.1
  • libsoftokn3-debuginfo-32bit >= 3.16.4-94.1
  • libsoftokn3-debuginfo-x86 >= 3.16.4-94.1
  • libsoftokn3-x86 >= 3.16.4-94.1
  • mozilla-nss >= 3.16.4-94.1
  • mozilla-nss-32bit >= 3.16.4-94.1
  • mozilla-nss-certs >= 3.16.4-94.1
  • mozilla-nss-certs-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-certs-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-certs-x86 >= 3.16.4-94.1
  • mozilla-nss-debuginfo >= 3.16.4-94.1
  • mozilla-nss-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-debugsource >= 3.16.4-94.1
  • mozilla-nss-devel >= 3.16.4-94.1
  • mozilla-nss-sysinit >= 3.16.4-94.1
  • mozilla-nss-sysinit-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-32bit >= 3.16.4-94.1
  • mozilla-nss-sysinit-debuginfo-x86 >= 3.16.4-94.1
  • mozilla-nss-sysinit-x86 >= 3.16.4-94.1
  • mozilla-nss-tools >= 3.16.4-94.1
  • mozilla-nss-tools-debuginfo >= 3.16.4-94.1
  • mozilla-nss-x86 >= 3.16.4-94.1
  • seamonkey >= 2.21-77.3
  • seamonkey-debuginfo >= 2.21-77.3
  • seamonkey-debugsource >= 2.21-77.3
  • seamonkey-dom-inspector >= 2.21-77.3
  • seamonkey-irc >= 2.21-77.3
  • seamonkey-translations-common >= 2.21-77.3
  • seamonkey-translations-other >= 2.21-77.3
  • seamonkey-venkman >= 2.21-77.3
Patchnames:
2013-141
2014-82