CVE-2013-1707 — Vulnetix

CVE-2013-1707 PUBLISHED CVSS 7.199999809265137 HIGH

Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service.

EPSS 0.05% · 16.1th percentile

Risk Scores

CVSS 2.0

7.199999809265137

EPSS Score

0.05%

16.1th percentile

Affected Products

Vendor	Product	Versions
mozilla	thunderbird	17.0, 0, 17.0.1
mozilla	firefox	17.0.7, 19.0.1, 19.0
mozilla	thunderbird_esr	17.0, 17.0.1, 17.0.2
n/a	n/a	n/a

Exploit Intelligence

oval:org.mitre.oval:def:18871 (circl)
https://bugzilla.mozilla.org/show_bug.cgi?id=888314 (circl)
http://www.mozilla.org/security/announce/2013/mfsa2013-66.html (circl)

Timeline

Aug 7, 2013 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

Open in Interactive Console →