New Search

The PreserveWrapper implementation in Mozilla Firefox before 22.0 Firefox ESR 17.x before 17.0.7 Thunderbird before 17.0.7 and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag

oval:org.mitre.oval:def:17405

The PreserveWrapper implementation in Mozilla Firefox before 22.0 Firefox ESR 17.x before 17.0.7 Thunderbird before 17.0.7 and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows Server 2012
  • Microsoft Windows 2000
  • Microsoft Windows 8
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
  • Microsoft Windows 7
  • Microsoft Windows Server 2008
Class:
vulnerability
Reference(s):
  • CVE-2013-1694
Product(s):
  • Mozilla Firefox
  • Mozilla Thunderbird ESR
  • Mozilla Firefox ESR
  • Mozilla Thunderbird