CVE-2013-0771

NameCVE-2013-0771
DescriptionHeap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
icedove (PTS)jessie1:52.3.0-4~deb8u2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceapesource(unstable)(not affected)
icedovesource(unstable)(not affected)
iceweaselsource(unstable)(not affected)

Notes

- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)

Search for package or bug name: Reporting problems