Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

CVE-2013-6671 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.