CVE-2013-1690 (GCVE-0-2013-1690)

Vulnerability from cvelistv5 – Published: 2013-06-26 01:00 – Updated: 2025-10-22 00:05
VLAI? CISA KEV
Summary
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
  • n/a
Assigner
References
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 13b3fd02-b777-4bd6-89e2-d6e5159cec73

Vulnerability ID: CVE-2013-1690

Status: Confirmed

Status Updated: 2022-03-28 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-03-28
Asserted: 2022-03-28
Scope
Notes: KEV entry: Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability | Affected: Mozilla / Firefox and Thunderbird | Description: Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site. | Required action: Apply updates per vendor instructions. | Due date: 2022-04-18 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2013-1690
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes CWE-119
Feed CISA Known Exploited Vulnerabilities Catalog
Product Firefox and Thunderbird
Due Date 2022-04-18
Date Added 2022-03-28
Vendorproject Mozilla
Vulnerabilityname Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:13:32.269Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1890-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1890-1"
          },
          {
            "name": "RHSA-2013:0982",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0982.html"
          },
          {
            "name": "SUSE-SU-2013:1153",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html"
          },
          {
            "name": "SUSE-SU-2013:1152",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=857883"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-53.html"
          },
          {
            "name": "RHSA-2013:0981",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0981.html"
          },
          {
            "name": "USN-1891-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1891-1"
          },
          {
            "name": "openSUSE-SU-2013:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html"
          },
          {
            "name": "DSA-2716",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2716"
          },
          {
            "name": "oval:org.mitre.oval:def:16996",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996"
          },
          {
            "name": "openSUSE-SU-2013:1142",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html"
          },
          {
            "name": "openSUSE-SU-2013:1140",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html"
          },
          {
            "name": "DSA-2720",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2720"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=901365"
          },
          {
            "name": "60778",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/60778"
          },
          {
            "name": "openSUSE-SU-2013:1143",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2013-1690",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T12:51:14.546232Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-28",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1690"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-119",
                "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T00:05:41.588Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1690"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-28T00:00:00+00:00",
            "value": "CVE-2013-1690 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "name": "USN-1890-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1890-1"
        },
        {
          "name": "RHSA-2013:0982",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0982.html"
        },
        {
          "name": "SUSE-SU-2013:1153",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html"
        },
        {
          "name": "SUSE-SU-2013:1152",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=857883"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-53.html"
        },
        {
          "name": "RHSA-2013:0981",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0981.html"
        },
        {
          "name": "USN-1891-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1891-1"
        },
        {
          "name": "openSUSE-SU-2013:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html"
        },
        {
          "name": "DSA-2716",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2716"
        },
        {
          "name": "oval:org.mitre.oval:def:16996",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996"
        },
        {
          "name": "openSUSE-SU-2013:1142",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html"
        },
        {
          "name": "openSUSE-SU-2013:1140",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html"
        },
        {
          "name": "DSA-2720",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2720"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=901365"
        },
        {
          "name": "60778",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/60778"
        },
        {
          "name": "openSUSE-SU-2013:1143",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2013-1690",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-1890-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1890-1"
            },
            {
              "name": "RHSA-2013:0982",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0982.html"
            },
            {
              "name": "SUSE-SU-2013:1153",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html"
            },
            {
              "name": "SUSE-SU-2013:1152",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=857883",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=857883"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-53.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-53.html"
            },
            {
              "name": "RHSA-2013:0981",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0981.html"
            },
            {
              "name": "USN-1891-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1891-1"
            },
            {
              "name": "openSUSE-SU-2013:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html"
            },
            {
              "name": "DSA-2716",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2716"
            },
            {
              "name": "oval:org.mitre.oval:def:16996",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996"
            },
            {
              "name": "openSUSE-SU-2013:1142",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html"
            },
            {
              "name": "openSUSE-SU-2013:1140",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html"
            },
            {
              "name": "DSA-2720",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2720"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=901365",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=901365"
            },
            {
              "name": "60778",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/60778"
            },
            {
              "name": "openSUSE-SU-2013:1143",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2013-1690",
    "datePublished": "2013-06-26T01:00:00.000Z",
    "dateReserved": "2013-02-13T00:00:00.000Z",
    "dateUpdated": "2025-10-22T00:05:41.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2013-1690",
      "cwes": "[\"CWE-119\"]",
      "dateAdded": "2022-03-28",
      "dueDate": "2022-04-18",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2013-1690",
      "product": "Firefox and Thunderbird",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.",
      "vendorProject": "Mozilla",
      "vulnerabilityName": "Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-04-18",
      "cisaExploitAdd": "2022-03-28",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"22.0\", \"matchCriteriaId\": \"B0321165-FB26-4E37-B9EC-E09FF46034B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.0\", \"versionEndExcluding\": \"17.0.7\", \"matchCriteriaId\": \"56FCDE03-FF73-45AE-8100-44BD50C4BD27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"17.0.7\", \"matchCriteriaId\": \"945D0C7E-E76B-4E80-A78E-8FC59E0579E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.0\", \"versionEndExcluding\": \"17.0.7\", \"matchCriteriaId\": \"D30B82F9-F16D-48C8-BFC4-1F4FA628B9E2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\", \"matchCriteriaId\": \"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2076871-2E80-4605-A470-A41C1A8EC7EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFAA48D9-BEB4-4E49-AD50-325C262D46D9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59D47E43-886E-4114-96A2-DBE719EA3A89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"133AAFA7-AF42-4D7B-8822-AA2E85611BF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6252E88C-27FF-420D-A64A-C34124CF7E6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A8E07B7-3739-4BEB-88F8-C7F62431E889\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54D669D4-6D7E-449D-80C1-28FA44F06FFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92C9F1C4-55B0-426D-BB5E-01372C23AF97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF83BB87-B203-48F9-9D06-48A5FE399050\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0AC5CD5-6E58-433C-9EB3-6DFE5656463E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE554781-1EB9-446E-911F-6C11970C47F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D806A17E-B8F9-466D-807D-3F1E77603DC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*\", \"matchCriteriaId\": \"4339DE06-19FB-4B8E-B6AE-3495F605AD05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"00720D8C-3FF3-4B1C-B74B-91F01A544399\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ED68ADD-BBDA-4485-BC76-58F011D72311\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*\", \"matchCriteriaId\": \"D1D7B467-58DD-45F1-9F1F-632620DF072A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*\", \"matchCriteriaId\": \"7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:vmware:*:*\", \"matchCriteriaId\": \"DB9BBC2E-7D91-4879-898A-520D2D758D1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*\", \"matchCriteriaId\": \"88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*\", \"matchCriteriaId\": \"DB4D6749-81A1-41D7-BF4F-1C45A7F49A22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\", \"matchCriteriaId\": \"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\", \"matchCriteriaId\": \"2470C6E8-2024-4CF5-9982-CFF50E88EAE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"436EF2ED-FDBB-4B64-8EC4-33C3E4253F06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F7F8866-DEAD-44D1-AB10-21EE611AA026\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.\"}, {\"lang\": \"es\", \"value\": \"Mozilla Firefox anterior a 22.0, Firefox ESR 17.x anterior a 17.0.7, Thunderbird anterior a 17.0.7, y Thunderbird ESR 17.x anterior a 17.0.7 no manejan adecuadamente los eventos \\\"onreadystatechange\\\" en conjunci\\u00f3n con las recargas de p\\u00e1gina, lo que permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (ca\\u00edda de aplicaci\\u00f3n) o posiblemente la ejecuci\\u00f3n arbitraria de c\\u00f3digo a trav\\u00e9s de un sitio web manipulado que provoca un intento de ejecuci\\u00f3n de datos y una asignaci\\u00f3n de memoria sin mapear.\"}]",
      "id": "CVE-2013-1690",
      "lastModified": "2024-12-20T03:55:02.500",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2013-06-26T03:19:10.793",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0981.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0982.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2716\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2720\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/60778\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1890-1\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1891-1\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0981.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0982.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2716\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2720\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/60778\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1890-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1891-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
      "sourceIdentifier": "security@mozilla.org",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-1690\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2013-06-26T03:19:10.793\",\"lastModified\":\"2025-10-22T01:15:48.563\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.\"},{\"lang\":\"es\",\"value\":\"Mozilla Firefox anterior a 22.0, Firefox ESR 17.x anterior a 17.0.7, Thunderbird anterior a 17.0.7, y Thunderbird ESR 17.x anterior a 17.0.7 no manejan adecuadamente los eventos \\\"onreadystatechange\\\" en conjunci\u00f3n con las recargas de p\u00e1gina, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente la ejecuci\u00f3n arbitraria de c\u00f3digo a trav\u00e9s de un sitio web manipulado que provoca un intento de ejecuci\u00f3n de datos y una asignaci\u00f3n de memoria sin mapear.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2022-03-28\",\"cisaActionDue\":\"2022-04-18\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.0\",\"matchCriteriaId\":\"B0321165-FB26-4E37-B9EC-E09FF46034B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.0.7\",\"matchCriteriaId\":\"56FCDE03-FF73-45AE-8100-44BD50C4BD27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.0.7\",\"matchCriteriaId\":\"945D0C7E-E76B-4E80-A78E-8FC59E0579E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.0.7\",\"matchCriteriaId\":\"D30B82F9-F16D-48C8-BFC4-1F4FA628B9E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFAA48D9-BEB4-4E49-AD50-325C262D46D9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59D47E43-886E-4114-96A2-DBE719EA3A89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"133AAFA7-AF42-4D7B-8822-AA2E85611BF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6252E88C-27FF-420D-A64A-C34124CF7E6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A8E07B7-3739-4BEB-88F8-C7F62431E889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D669D4-6D7E-449D-80C1-28FA44F06FFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92C9F1C4-55B0-426D-BB5E-01372C23AF97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF83BB87-B203-48F9-9D06-48A5FE399050\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0AC5CD5-6E58-433C-9EB3-6DFE5656463E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE554781-1EB9-446E-911F-6C11970C47F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D806A17E-B8F9-466D-807D-3F1E77603DC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*\",\"matchCriteriaId\":\"4339DE06-19FB-4B8E-B6AE-3495F605AD05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"00720D8C-3FF3-4B1C-B74B-91F01A544399\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED68ADD-BBDA-4485-BC76-58F011D72311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*\",\"matchCriteriaId\":\"D1D7B467-58DD-45F1-9F1F-632620DF072A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:vmware:*:*\",\"matchCriteriaId\":\"DB9BBC2E-7D91-4879-898A-520D2D758D1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*\",\"matchCriteriaId\":\"88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"DB4D6749-81A1-41D7-BF4F-1C45A7F49A22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"2470C6E8-2024-4CF5-9982-CFF50E88EAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"436EF2ED-FDBB-4B64-8EC4-33C3E4253F06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7F8866-DEAD-44D1-AB10-21EE611AA026\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0981.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0982.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2716\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2720\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/60778\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1890-1\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1891-1\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0981.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0982.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2716\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/60778\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1890-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1891-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1690\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.ubuntu.com/usn/USN-1890-1\", \"name\": \"USN-1890-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0982.html\", \"name\": \"RHSA-2013:0982\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html\", \"name\": \"SUSE-SU-2013:1153\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html\", \"name\": \"SUSE-SU-2013:1152\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0981.html\", \"name\": \"RHSA-2013:0981\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1891-1\", \"name\": \"USN-1891-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html\", \"name\": \"openSUSE-SU-2013:1141\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2716\", \"name\": \"DSA-2716\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996\", \"name\": \"oval:org.mitre.oval:def:16996\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html\", \"name\": \"openSUSE-SU-2013:1142\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html\", \"name\": \"openSUSE-SU-2013:1140\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2720\", \"name\": \"DSA-2720\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/60778\", \"name\": \"60778\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html\", \"name\": \"openSUSE-SU-2013:1143\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T15:13:32.269Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2013-1690\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T12:51:14.546232Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-28\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1690\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-28T00:00:00+00:00\", \"value\": \"CVE-2013-1690 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1690\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T12:48:50.290Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2013-06-25T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.ubuntu.com/usn/USN-1890-1\", \"name\": \"USN-1890-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0982.html\", \"name\": \"RHSA-2013:0982\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html\", \"name\": \"SUSE-SU-2013:1153\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html\", \"name\": \"SUSE-SU-2013:1152\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0981.html\", \"name\": \"RHSA-2013:0981\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1891-1\", \"name\": \"USN-1891-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html\", \"name\": \"openSUSE-SU-2013:1141\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2716\", \"name\": \"DSA-2716\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996\", \"name\": \"oval:org.mitre.oval:def:16996\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html\", \"name\": \"openSUSE-SU-2013:1142\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html\", \"name\": \"openSUSE-SU-2013:1140\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.debian.org/security/2013/dsa-2720\", \"name\": \"DSA-2720\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/60778\", \"name\": \"60778\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html\", \"name\": \"openSUSE-SU-2013:1143\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2017-09-18T12:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.ubuntu.com/usn/USN-1890-1\", \"name\": \"USN-1890-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0982.html\", \"name\": \"RHSA-2013:0982\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html\", \"name\": \"SUSE-SU-2013:1153\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html\", \"name\": \"SUSE-SU-2013:1152\", \"refsource\": \"SUSE\"}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\", \"name\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=857883\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\", \"name\": \"http://www.mozilla.org/security/announce/2013/mfsa2013-53.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0981.html\", \"name\": \"RHSA-2013:0981\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1891-1\", \"name\": \"USN-1891-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html\", \"name\": \"openSUSE-SU-2013:1141\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2716\", \"name\": \"DSA-2716\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996\", \"name\": \"oval:org.mitre.oval:def:16996\", \"refsource\": \"OVAL\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html\", \"name\": \"openSUSE-SU-2013:1142\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html\", \"name\": \"openSUSE-SU-2013:1140\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2720\", \"name\": \"DSA-2720\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\", \"name\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=901365\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/60778\", \"name\": \"60778\", \"refsource\": \"BID\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html\", \"name\": \"openSUSE-SU-2013:1143\", \"refsource\": \"SUSE\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2013-1690\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@mozilla.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2013-1690\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-22T00:05:41.588Z\", \"dateReserved\": \"2013-02-13T00:00:00.000Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2013-06-26T01:00:00.000Z\", \"assignerShortName\": \"mozilla\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.