- Home
- CVEs with nessus.description==Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-1739, CVE-2013-5590, CVE-2013-5591, CVE-2013-5592)
Jordi Chancel discovered that HTML select elements could display arbitrary content. An attacker could potentially exploit this to conduct URL spoofing or clickjacking attacks (CVE-2013-5593)
Abhishek Arya discovered a crash when processing XSLT data in some circumstances. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox.
(CVE-2013-5604)
Dan Gohman discovered a flaw in the JavaScript engine. When combined with other vulnerabilities, an attacked could possibly exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5595)
Ezra Pool discovered a crash on extremely large pages. An attacked could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5596)
Byoungyoung Lee discovered a use-after-free when updating the offline cache. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5597)
Cody Crews discovered a way to append an iframe in to an embedded PDF object displayed with PDF.js. An attacked could potentially exploit this to read local files, leading to information disclosure.
(CVE-2013-5598)
Multiple use-after-free flaws were discovered in Firefox. An attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5599, CVE-2013-5600, CVE-2013-5601)
A memory corruption flaw was discovered in the JavaScript engine when using workers with direct proxies. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5602)
Abhishek Arya discovered a use-after-free when interacting with HTML document templates. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5603).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top