HIGH🇵🇱 Wersja polska

CVE-2013-0767

CVSS 10.0v2.0pub. 2013-01-13upd. 2026-04-29

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Canonical Ubuntu

    OS
    Canonical
    10.0411.1012.0412.10
  • Mozilla Firefox

    APP
    Mozilla
    < 18.010.0 – 10.0.12 (bez)17.0 – 17.0.2 (bez)
  • Mozilla Seamonkey

    APP
    Mozilla
    < 2.15
  • Mozilla Thunderbird

    APP
    Mozilla
    < 17.0.2
  • Mozilla Thunderbird Esr

    APP
    Mozilla
    17.0 – 17.0.2 (bez)10.0 – 10.0.12 (bez)
  • Opensuse

    OS
    Opensuse
    11.412.112.2
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    5.06.0
  • Red Hat Enterprise Linux Eus

    OS
    Redhat
    5.96.3
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    5.06.0
  • Red Hat Enterprise Linux Server Aus

    OS
    Redhat
    5.9
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    5.06.0
  • SUSE Linux Enterprise Desktop

    OS
    Suse
    1011
  • SUSE Linux Enterprise Server

    OS
    Suse
    1011
  • SUSE Linux Enterprise Software Development Kit

    OS
    Suse
    1011
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDoSMemory
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2024-9680CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Use-after-free w Animation timelines Firefox/Thunderbird — RCE

CVE-2022-26486CRITICAL9.6⚠ KEVten sam produkt

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escap...

CVE-2022-0543CRITICAL10.0⚠ KEVten sam produkt

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debia...

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...