Denial of Service Vulnerability in Mozilla Firefox and SeaMonkey
CVE-2013-5607

Currently unrated

Key Information:

Vendor: Mozilla
Status: Netscape Portable Runtime
Vendor: CVE Published:; 20 November 2013

What is CVE-2013-5607?

An integer overflow issue in the PL_ArenaAllocate function of Mozilla's NSPR library can cause instability in affected applications, potentially leading to a denial of service through crafted X.509 certificates. This vulnerability impacts various versions of Firefox and SeaMonkey, allowing attackers to exploit the flaw and crash the application, thereby disrupting user access and functionality.

References

http://www.oracle.com/technetwork/topics/security/ovmbull...

x_refsource_CONFIRM

http://www.debian.org/security/2013/dsa-2820

vendor-advisoryx_refsource_DEBIAN

https://security.gentoo.org/glsa/201504-01

vendor-advisoryx_refsource_GENTOO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2013
Vulnerability Reserved
Aug 26, 2013