Attacker Value
Unknown
CVE-2013-1690
CVE-2013-1690
(Last updated October 22, 2024) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Metasploit Module
Description
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
8.8 High
Impact Score:
5.9
Exploitability Score:
2.8
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
Required
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Products
- debian linux 7.0,
- enterprise linux desktop 5.0,
- enterprise linux desktop 6.0,
- enterprise linux eus 5.9,
- enterprise linux eus 6.4,
- enterprise linux server 5.0,
- enterprise linux server 6.0,
- enterprise linux server aus 5.9,
- enterprise linux server aus 6.4,
- enterprise linux workstation 5.0,
- enterprise linux workstation 6.0,
- firefox,
- gluster storage server for on-premise 2.0,
- linux enterprise desktop 10,
- linux enterprise desktop 11,
- linux enterprise server 10,
- linux enterprise server 11,
- linux enterprise software development kit 10,
- linux enterprise software development kit 11,
- opensuse 11.4,
- opensuse 12.2,
- opensuse 12.3,
- thunderbird,
- thunderbird esr,
- ubuntu linux 12.04,
- ubuntu linux 12.10,
- ubuntu linux 13.04
Metasploit Modules
References
Advisory
