← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

Candidate: CVE-2013-0797
PublicDate: 2013-04-03
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0797
 http://www.mozilla.org/security/announce/2013/mfsa2013-34.html
Description:
 Untrusted search path vulnerability in the Mozilla Updater in Mozilla
 Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before
 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17
 allows local users to gain privileges via a Trojan horse DLL file in an
 unspecified directory.
Ubuntu-Description: 
Notes: 
 jdstrand> xulrunner-1.9.2 unmaintained upstream (see README.mozilla for
  details)
 chrisccoulson> Only affects builds with Mozilla's updater enabled
Bugs: 
Priority: medium
Discovered-by: 
Assigned-to: chrisccoulson

Patches_firefox:
upstream_firefox: released (20.0)
hardy_firefox: ignored (reached end-of-life)
lucid_firefox: not-affected
oneiric_firefox: not-affected
precise_firefox: not-affected
quantal_firefox: not-affected
devel_firefox: not-affected

Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: needs-triage
hardy_xulrunner-1.9.2: ignored (reached end-of-life)
lucid_xulrunner-1.9.2: ignored (see notes)
oneiric_xulrunner-1.9.2: DNE
precise_xulrunner-1.9.2: DNE
quantal_xulrunner-1.9.2: DNE
devel_xulrunner-1.9.2: DNE

Patches_xulrunner-2.0:
upstream_xulrunner-2.0: needs-triage
hardy_xulrunner-2.0: DNE
lucid_xulrunner-2.0: DNE
oneiric_xulrunner-2.0: DNE
precise_xulrunner-2.0: DNE
quantal_xulrunner-2.0: DNE
devel_xulrunner-2.0: DNE


Patches_seamonkey:
upstream_seamonkey: pending (2.17)
hardy_seamonkey: ignored (reached end-of-life)
lucid_seamonkey: not-affected
oneiric_seamonkey: not-affected
precise_seamonkey: DNE
quantal_seamonkey: DNE
devel_seamonkey: DNE


Patches_thunderbird:
upstream_thunderbird: released (17.0.5)
hardy_thunderbird: ignored (reached end-of-life)
lucid_thunderbird: not-affected
oneiric_thunderbird: not-affected
precise_thunderbird: not-affected
quantal_thunderbird: not-affected
devel_thunderbird: not-affected