CVE-2013-5598

NONECVSS 0.0

0.0

PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.

🔗 References (12)

security@mozillahttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html
security@mozillahttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html
security@mozillahttp://www.mozilla.org/security/announce/2013/mfsa2013-99.html
security@mozillahttps://bugzilla.mozilla.org/show_bug.cgi?id=920515
security@mozillahttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19133
security@mozillahttps://security.gentoo.org/glsa/201504-01
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2013/mfsa2013-99.html
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=920515
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19133
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201504-01

Is Your Infrastructure Affected by CVE-2013-5598?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-5598

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-5598?