Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P
Vendors Products
Mozilla
  • Seamonkey
  • Netscape Portable Runtime
  • Firefox Esr
  • Firefox

Configuration 1 [-]

OR cpe:2.3:a:mozilla:netscape_portable_runtime:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.6.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.7.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.7.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.7.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.9.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.9.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.9.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:netscape_portable_runtime:4.10:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.10:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.10:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.10:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.11:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.11:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.11:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.11:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.11:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.11:beta6:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12:beta6:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13:beta6:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.13.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.14:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.14:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.14:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.14:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.14:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15:beta6:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.15.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.17:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.17:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.17:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.17:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.17.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.18:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.18:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.18:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.18:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.19:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.19:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.20:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.20:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.20:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.20:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.21:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.21:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.21:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.22:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.22:beta2:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:a:mozilla:firefox_esr:17.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:24.0.2:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:21.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:22.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:23.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:23.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*
References
Link Resource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00000.html
http://lists.opensuse.org/opensuse-updates/2013-11/msg00080.html
http://rhn.redhat.com/errata/RHSA-2013-1791.html
http://rhn.redhat.com/errata/RHSA-2013-1829.html
http://security.gentoo.org/glsa/glsa-201406-19.xml
http://www.debian.org/security/2013/dsa-2820
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/bid/63802
http://www.ubuntu.com/usn/USN-2031-1
http://www.ubuntu.com/usn/USN-2032-1
http://www.ubuntu.com/usn/USN-2087-1
https://bugzilla.mozilla.org/show_bug.cgi?id=927687
https://groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/_8AcygMEjSA/mm_cqQzLPFQJ
https://security.gentoo.org/glsa/201504-01
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2013-11-20T11:00:00

Updated: 2018-01-08T21:57:01

Reserved: 2013-08-26T00:00:00

Link: CVE-2013-5607

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2013-11-20T14:12:50.697

Modified: 2018-01-09T02:29:04.690

Link: CVE-2013-5607

JSON object: View

cve-icon Redhat Information

No data.

CWE