Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 01:48
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html - Mailing List, Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2013-0144.html - Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2013-0145.html - Third Party Advisory | |
References | () http://www.mozilla.org/security/announce/2013/mfsa2013-05.html - Vendor Advisory | |
References | () http://www.ubuntu.com/usn/USN-1681-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-1681-2 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-1681-4 - Third Party Advisory | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=814713 - Issue Tracking, Patch, Vendor Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17007 - Third Party Advisory |
21 Oct 2024, 13:55
Type | Values Removed | Values Added |
---|---|---|
CPE |
Information
Published : 2013-01-13 20:55
Updated : 2024-11-21 01:48
NVD link : CVE-2013-0744
Mitre link : CVE-2013-0744
CVE.ORG link : CVE-2013-0744
JSON object : View
Products Affected
mozilla
- seamonkey
- thunderbird
- thunderbird_esr
- firefox
opensuse
- opensuse
canonical
- ubuntu_linux
redhat
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_eus
- enterprise_linux_desktop
suse
- linux_enterprise_server
- linux_enterprise_software_development_kit
- linux_enterprise_desktop
CWE
CWE-416
Use After Free