CVE-2013-1675 Information

Feb 14, 2021 cve

Description

Mozilla Firefox before 21.0 Firefox ESR 17.x before 17.0.6 Thunderbird before 17.0.6 and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

Reference

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html http://rhn.redhat.com/errata/RHSA-2013-0820.html http://rhn.redhat.com/errata/RHSA-2013-0821.html http://www.debian.org/security/2013/dsa-2699 http://www.mandriva.com/security/advisories?name=MDVSA-2013:165 http://www.mozilla.org/security/announce/2013/mfsa2013-47.html http://www.securityfocus.com/bid/59858 http://www.ubuntu.com/usn/USN-1822-1 http://www.ubuntu.com/usn/USN-1823-1 https://bugzilla.mozilla.org/show_bug.cgi?id=866825 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A16976

Share on: