CVE-2013-0765

Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Published: Feb 20, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-0765
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mozilla / seamonkey	-	2.16
mozilla / firefox	-	19.0
opensuse / opensuse	11.4	11.4.x
opensuse / opensuse	12.2	12.2.x
opensuse / opensuse	12.1	12.1.x
canonical / ubuntu_linux	11.10	11.10.x
canonical / ubuntu_linux	12.10	12.10.x
canonical / ubuntu_linux	12.04	12.04.x
canonical / ubuntu_linux	10.04	10.04.x

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html
http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html
http://www.mozilla.org/security/announce/2013/mfsa2013-23.html
http://www.ubuntu.com/usn/USN-1729-1
http://www.ubuntu.com/usn/USN-1729-2
https://bugzilla.mozilla.org/show_bug.cgi?id=830614
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17097

Vulnerability Database

289,871

CVE-2013-0765