SecuritySpace - CVE-2013-1670

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID:	CVE-2013-1670
Description:	The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read- only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.
Test IDs:	1.3.6.1.4.1.25623.1.2.1.2013.42
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1670 BugTraq ID: 59865 http://www.securityfocus.com/bid/59865 Debian Security Information: DSA-2699 (Google Search) http://www.debian.org/security/2013/dsa-2699 http://www.exploit-db.com/exploits/34363 http://www.mandriva.com/security/advisories?name=MDVSA-2013:165 http://www.osvdb.org/93427 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17046 RedHat Security Advisories: RHSA-2013:0820 http://rhn.redhat.com/errata/RHSA-2013-0820.html RedHat Security Advisories: RHSA-2013:0821 http://rhn.redhat.com/errata/RHSA-2013-0821.html SuSE Security Announcement: openSUSE-SU-2013:0825 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html SuSE Security Announcement: openSUSE-SU-2013:0831 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html SuSE Security Announcement: openSUSE-SU-2013:0834 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html SuSE Security Announcement: openSUSE-SU-2013:0929 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html SuSE Security Announcement: openSUSE-SU-2013:0946 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html http://www.ubuntu.com/usn/USN-1822-1 http://www.ubuntu.com/usn/USN-1823-1