CVE-2013-6671

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

Published: Dec 11, 2013
Updated: Nov 9, 2025
CVE: CVE-2013-6671
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
mozilla / firefox_esr	24.0	24.2
mozilla / firefox	-	26.0
mozilla / thunderbird	-	24.2
mozilla / seamonkey	-	2.23
canonical / ubuntu_linux	13.04	13.04.x
canonical / ubuntu_linux	13.10	13.10.x
canonical / ubuntu_linux	12.10	12.10.x
canonical / ubuntu_linux	12.04	12.04.x
redhat / enterprise_linux_server	5.0	5.0.x
redhat / enterprise_linux_server_eus	6.5	6.5.x
redhat / enterprise_linux_workstation	5.0	5.0.x
redhat / enterprise_linux_server_aus	6.5	6.5.x
redhat / enterprise_linux_server_tus	6.5	6.5.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
redhat / enterprise_linux_desktop	5.0	5.0.x
redhat / enterprise_linux_eus	6.5	6.5.x
opensuse / opensuse	12.3	12.3.x
suse / suse_linux_enterprise_software_development_kit	11.0-sp3	11.0-sp3.x
opensuse / opensuse	12.2	12.2.x
opensuse / opensuse	13.1	13.1.x
suse / suse_linux_enterprise_desktop	11-sp3	11-sp3.x
suse / suse_linux_enterprise_server	11-sp3	11-sp3.x
fedoraproject / fedora	18	18.x
fedoraproject / fedora	20	20.x
fedoraproject / fedora	19	19.x

Vulnerability Database

308,485

CVE-2013-6671

Deep Security Visibility Without the Complexity