CVE-2013-0793
Published: 3 April 2013
Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Released
(20.0+build1-0ubuntu0.10.04.3)
|
|
| oneiric |
Released
(20.0+build1-0ubuntu0.11.10.3)
|
|
| precise |
Released
(20.0+build1-0ubuntu0.12.04.3)
|
|
| quantal |
Released
(20.0+build1-0ubuntu0.12.10.3)
|
|
| raring |
Released
(20.0+build1-0ubuntu1)
|
|
| saucy |
Released
(20.0+build1-0ubuntu1)
|
|
| upstream |
Released
(20.0)
|
|
|
seamonkey Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Ignored
(reached end-of-life)
|
|
| oneiric |
Ignored
(reached end-of-life)
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Pending
(2.17)
|
|
|
thunderbird Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Released
(17.0.5+build1-0ubuntu0.10.04.1)
|
|
| oneiric |
Released
(17.0.5+build1-0ubuntu0.11.10.1)
|
|
| precise |
Released
(17.0.5+build1-0ubuntu0.12.04.1)
|
|
| quantal |
Released
(17.0.5+build1-0ubuntu0.12.10.1)
|
|
| raring |
Released
(17.0.5+build1-0ubuntu1)
|
|
| saucy |
Released
(17.0.5+build1-0ubuntu1)
|
|
| upstream |
Released
(17.0.5)
|
|
|
xulrunner-1.9.2 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(reached end-of-life)
|
| lucid |
Ignored
(see notes)
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
xulrunner-2.0 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
Notes
| Author | Note |
|---|---|
| jdstrand | xulrunner-1.9.2 unmaintained upstream (see README.mozilla for details) |