Vulnerability Details : CVE-2013-1690
Public exploit exists!
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
Vulnerability category: OverflowExecute codeDenial of service
CVE-2013-1690 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.
Added on
2022-03-28
Action due date
2022-04-18
Exploit prediction scoring system (EPSS) score for CVE-2013-1690
Probability of exploitation activity in the next 30 days: 6.40%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2013-1690
-
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
Disclosure Date: 2013-06-25First seen: 2020-04-26exploit/windows/browser/mozilla_firefox_onreadystatechangeThis module exploits a vulnerability found on Firefox 17.0.6, specifically a use after free of a DocumentViewerImpl object, triggered via a specially crafted web page using onreadystatechange events and the window.stop() API, as exploited in the wild on 2013 August t
CVSS scores for CVE-2013-1690
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2013-1690
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1690
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html
[security-announce] openSUSE-SU-2013:1140-1: important: regular updates
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html
[security-announce] openSUSE-SU-2013:1142-1: important: MozillaFirefox:
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html
[security-announce] SUSE-SU-2013:1153-1: important: Security update for
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996
Repository / Oval Repository
-
http://www.debian.org/security/2013/dsa-2716
Debian -- Security Information -- DSA-2716-1 iceweasel
-
http://www.debian.org/security/2013/dsa-2720
Debian -- Security Information -- DSA-2720-1 icedove
-
http://www.mozilla.org/security/announce/2013/mfsa2013-53.html
Execution of unmapped memory through onreadystatechange event — MozillaVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html
[security-announce] openSUSE-SU-2013:1143-1: important: xulrunner: 17.0.
-
http://www.ubuntu.com/usn/USN-1890-1
USN-1890-1: Firefox vulnerabilities | Ubuntu security notices
-
https://bugzilla.mozilla.org/show_bug.cgi?id=857883
857883 - (CVE-2013-1690) Crash with onreadystatechange and reload
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html
[security-announce] SUSE-SU-2013:1152-1: important: Security update for
-
https://bugzilla.mozilla.org/show_bug.cgi?id=901365
901365 - Firefox 0-day found on Tor .onion service (reported on Reddit)
-
http://www.securityfocus.com/bid/60778
Mozilla Firefox/Thunderbird CVE-2013-1690 Remote Code Execution Vulnerability
-
http://rhn.redhat.com/errata/RHSA-2013-0982.html
RHSA-2013:0982 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2013-0981.html
RHSA-2013:0981 - Security Advisory - Red Hat Customer Portal
-
http://www.ubuntu.com/usn/USN-1891-1
USN-1891-1: Thunderbird vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html
[security-announce] openSUSE-SU-2013:1141-1: important: MozillaThunderbi
Products affected by CVE-2013-1690
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:17.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:17.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:17.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:17.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:17.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:17.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird_esr:17.0.6:*:*:*:*:*:*:*