Published: 18/09/2013 Updated: 19/09/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

The IonMonkey JavaScript engine in Mozilla Firefox prior to 24.0, Thunderbird prior to 24.0, and SeaMonkey prior to 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote malicious users to obtain sensitive information via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla seamonkey 2.13.2
mozilla seamonkey 2.13.1
mozilla seamonkey 2.13
mozilla seamonkey 2.12.1
mozilla seamonkey 2.12
mozilla seamonkey 2.11
mozilla seamonkey 2.10
mozilla seamonkey 2.1
mozilla seamonkey 2.0.5
mozilla seamonkey 2.0.4
mozilla seamonkey 2.0.10
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0
mozilla seamonkey 2.20
mozilla seamonkey 2.18
mozilla seamonkey 2.17
mozilla seamonkey 2.16
mozilla seamonkey 2.15.2
mozilla seamonkey 2.15
mozilla seamonkey 2.14
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0.8
mozilla seamonkey 2.0.14
mozilla seamonkey 2.0.13
mozilla seamonkey
mozilla seamonkey 2.19
mozilla seamonkey 2.17.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.16.2
mozilla seamonkey 2.16.1
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.6
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.11
mozilla thunderbird 17.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.6
mozilla thunderbird 17.0
mozilla thunderbird 17.0.7
mozilla thunderbird 17.0.8
mozilla thunderbird
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.4
mozilla firefox 19.0.2
mozilla firefox
mozilla firefox 23.0
mozilla firefox 22.0
mozilla firefox 21.0
mozilla firefox 20.0.1
mozilla firefox 20.0
mozilla firefox 19.0.1
mozilla firefox 19.0

Several security issues were fixed in Thunderbird ...

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Mozilla Foundation Security Advisory 2013-85 Uninitialized data in IonMonkey Announced September 17, 2013 Reporter Dan Gohman Impact Moderate Products Firefox, SeaMonkey, Thunderbird Fixed in ...

The IonMonkey JavaScript engine in Mozilla Firefox before 240, Thunderbird before 240, and SeaMonkey before 221, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors ...

CWE-119 http://www.mozilla.org/security/announce/2013/mfsa2013-85.html https://bugzilla.mozilla.org/show_bug.cgi?id=883686 http://www.ubuntu.com/usn/USN-1952-1 http://www.ubuntu.com/usn/USN-1951-1 http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00059.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html http://www.securityfocus.com/bid/62468 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18902 https://nvd.nist.gov https://usn.ubuntu.com/1952-1/https://access.redhat.com/security/cve/cve-2013-1728

CVE-2013-1728

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect