CVE-2013-1724

Publication date 17 September 2013

Last updated 24 July 2024

Ubuntu priority

Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
firefox	13.04 raring	Fixed 24.0+build1-0ubuntu0.13.04.1
	12.10 quantal	Fixed 24.0+build1-0ubuntu0.12.10.1
	12.04 LTS precise	Fixed 24.0+build1-0ubuntu0.12.04.1
	10.04 LTS lucid	Ignored end of life
thunderbird	13.04 raring	Fixed 1:24.0+build1-0ubuntu0.13.04.1
	12.10 quantal	Fixed 1:24.0+build1-0ubuntu0.12.10.1
	12.04 LTS precise	Fixed 1:24.0+build1-0ubuntu0.12.04.1
	10.04 LTS lucid	Ignored end of life

References

Related Ubuntu Security Notices (USN)

USN-1952-1
Thunderbird vulnerabilities
18 September 2013

USN-1951-1
Firefox vulnerabilities
17 September 2013

CVE-2013-1724

Status

References

Related Ubuntu Security Notices (USN)

Other references