Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

CVE-2013-0752 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.

Learn more about our Cis Benchmark Audit For Bind.