The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
No history.
Information
Published : 2013-12-11 15:55
Updated : 2024-02-04 18:16
NVD link : CVE-2013-6671
Mitre link : CVE-2013-6671
CVE.ORG link : CVE-2013-6671
JSON object : View
Products Affected
redhat
- enterprise_linux_server_eus
- enterprise_linux_server_tus
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_server_aus
- enterprise_linux_eus
- enterprise_linux_desktop
fedoraproject
- fedora
opensuse
- opensuse
mozilla
- seamonkey
- firefox
- thunderbird
- firefox_esr
suse
- suse_linux_enterprise_desktop
- suse_linux_enterprise_server
- suse_linux_enterprise_software_development_kit
canonical
- ubuntu_linux
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')