CVE-2013-0774

Medium

4.3/10

Summary

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Feb 19, 2013

CVE-2013-0774

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS