CVE-2013-5611

Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.

CVSS v2.0 5.8 MEDIUM

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:P

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html	Third Party Advisory
http://www.mozilla.org/security/announce/2013/mfsa2013-105.html	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	Third Party Advisory
http://www.securitytracker.com/id/1029470
http://www.ubuntu.com/usn/USN-2052-1	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=771294	Issue Tracking
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html	Third Party Advisory
http://www.mozilla.org/security/announce/2013/mfsa2013-105.html	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	Third Party Advisory
http://www.securitytracker.com/id/1029470
http://www.ubuntu.com/usn/USN-2052-1	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=771294	Issue Tracking

Configurations

Configuration 1 (hide)

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:19:::::::*
	cpe:2.3:o:fedoraproject:fedora:20:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*

Configuration 4 (hide)

OR	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::*
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::

Configuration 5 (hide)

OR	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse_project:opensuse:11.4:::::::*
	cpe:2.3:o:opensuse_project:opensuse:12.3:::::::*

Configuration 6 (hide)

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox:0.1:::::::*
	cpe:2.3:a:mozilla:firefox:0.2:::::::*
	cpe:2.3:a:mozilla:firefox:0.3:::::::*
	cpe:2.3:a:mozilla:firefox:0.4:::::::*
	cpe:2.3:a:mozilla:firefox:0.5:::::::*
	cpe:2.3:a:mozilla:firefox:0.6:::::::*
	cpe:2.3:a:mozilla:firefox:0.6.1:::::::*
	cpe:2.3:a:mozilla:firefox:0.7:::::::*
	cpe:2.3:a:mozilla:firefox:0.7.1:::::::*
	cpe:2.3:a:mozilla:firefox:0.8:::::::*
	cpe:2.3:a:mozilla:firefox:0.9:::::::*
	cpe:2.3:a:mozilla:firefox:0.9:rc::::::
	cpe:2.3:a:mozilla:firefox:0.9.1:::::::*
	cpe:2.3:a:mozilla:firefox:0.9.2:::::::*
	cpe:2.3:a:mozilla:firefox:0.9.3:::::::*
	cpe:2.3:a:mozilla:firefox:0.10:::::::*
	cpe:2.3:a:mozilla:firefox:0.10.1:::::::*
	cpe:2.3:a:mozilla:firefox:1.0:::::::*
	cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
	cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
	cpe:2.3:a:mozilla:firefox:1.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
	cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
	cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
	cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
	cpe:2.3:a:mozilla:firefox:2.0:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
	cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.0.18:::::::*
cpe:2.3:a:mozilla:firefox:3.0.19:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:3.5.13:::::::*
cpe:2.3:a:mozilla:firefox:3.5.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.15:::::::*
cpe:2.3:a:mozilla:firefox:3.5.16:::::::*
cpe:2.3:a:mozilla:firefox:3.5.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5.18:::::::*
cpe:2.3:a:mozilla:firefox:3.5.19:::::::*
cpe:2.3:a:mozilla:firefox:3.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
cpe:2.3:a:mozilla:firefox:3.6.11:::::::*
cpe:2.3:a:mozilla:firefox:3.6.12:::::::*
cpe:2.3:a:mozilla:firefox:3.6.13:::::::*
cpe:2.3:a:mozilla:firefox:3.6.14:::::::*
cpe:2.3:a:mozilla:firefox:3.6.15:::::::*
cpe:2.3:a:mozilla:firefox:3.6.16:::::::*
cpe:2.3:a:mozilla:firefox:3.6.17:::::::*
cpe:2.3:a:mozilla:firefox:3.6.18:::::::*
cpe:2.3:a:mozilla:firefox:3.6.19:::::::*
cpe:2.3:a:mozilla:firefox:3.6.20:::::::*
cpe:2.3:a:mozilla:firefox:3.6.21:::::::*
cpe:2.3:a:mozilla:firefox:3.6.22:::::::*
cpe:2.3:a:mozilla:firefox:3.6.23:::::::*
cpe:2.3:a:mozilla:firefox:3.6.24:::::::*
cpe:2.3:a:mozilla:firefox:3.6.25:::::::*
cpe:2.3:a:mozilla:firefox:3.6.26:::::::*
cpe:2.3:a:mozilla:firefox:3.6.27:::::::*
cpe:2.3:a:mozilla:firefox:3.6.28:::::::*
cpe:2.3:a:mozilla:firefox:4.0:::::::*
cpe:2.3:a:mozilla:firefox:4.0:beta1::::::
cpe:2.3:a:mozilla:firefox:4.0:beta10::::::
cpe:2.3:a:mozilla:firefox:4.0:beta11::::::
cpe:2.3:a:mozilla:firefox:4.0:beta12::::::
cpe:2.3:a:mozilla:firefox:4.0:beta2::::::
cpe:2.3:a:mozilla:firefox:4.0:beta3::::::
cpe:2.3:a:mozilla:firefox:4.0:beta4::::::
cpe:2.3:a:mozilla:firefox:4.0:beta5::::::
cpe:2.3:a:mozilla:firefox:4.0:beta6::::::
cpe:2.3:a:mozilla:firefox:4.0:beta7::::::
cpe:2.3:a:mozilla:firefox:4.0:beta8::::::
cpe:2.3:a:mozilla:firefox:4.0:beta9::::::
cpe:2.3:a:mozilla:firefox:4.0.1:::::::*
cpe:2.3:a:mozilla:firefox:5.0:::::::*
cpe:2.3:a:mozilla:firefox:5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:6.0:::::::*
cpe:2.3:a:mozilla:firefox:6.0.1:::::::*
cpe:2.3:a:mozilla:firefox:6.0.2:::::::*
cpe:2.3:a:mozilla:firefox:7.0:::::::*
cpe:2.3:a:mozilla:firefox:7.0.1:::::::*
cpe:2.3:a:mozilla:firefox:8.0:::::::*
cpe:2.3:a:mozilla:firefox:8.0.1:::::::*
cpe:2.3:a:mozilla:firefox:9.0:::::::*
cpe:2.3:a:mozilla:firefox:9.0.1:::::::*
cpe:2.3:a:mozilla:firefox:10.0:::::::*
cpe:2.3:a:mozilla:firefox:10.0.1:::::::*
cpe:2.3:a:mozilla:firefox:10.0.2:::::::*
cpe:2.3:a:mozilla:firefox:10.0.3:::::::*
cpe:2.3:a:mozilla:firefox:10.0.4:::::::*
cpe:2.3:a:mozilla:firefox:10.0.5:::::::*
cpe:2.3:a:mozilla:firefox:10.0.6:::::::*
cpe:2.3:a:mozilla:firefox:10.0.7:::::::*
cpe:2.3:a:mozilla:firefox:10.0.8:::::::*
cpe:2.3:a:mozilla:firefox:10.0.9:::::::*
cpe:2.3:a:mozilla:firefox:10.0.10:::::::*
cpe:2.3:a:mozilla:firefox:10.0.11:::::::*
cpe:2.3:a:mozilla:firefox:10.0.12:::::::*
cpe:2.3:a:mozilla:firefox:11.0:::::::*
cpe:2.3:a:mozilla:firefox:12.0:::::::*
cpe:2.3:a:mozilla:firefox:12.0:beta6::::::
cpe:2.3:a:mozilla:firefox:13.0:::::::*
cpe:2.3:a:mozilla:firefox:13.0.1:::::::*
cpe:2.3:a:mozilla:firefox:14.0:::::::*
cpe:2.3:a:mozilla:firefox:14.0.1:::::::*
cpe:2.3:a:mozilla:firefox:15.0:::::::*
cpe:2.3:a:mozilla:firefox:15.0.1:::::::*
cpe:2.3:a:mozilla:firefox:16.0:::::::*
cpe:2.3:a:mozilla:firefox:16.0.1:::::::*
cpe:2.3:a:mozilla:firefox:16.0.2:::::::*
cpe:2.3:a:mozilla:firefox:17.0.2:::::::*
cpe:2.3:a:mozilla:firefox:17.0.3:::::::*
cpe:2.3:a:mozilla:firefox:17.0.4:::::::*
cpe:2.3:a:mozilla:firefox:17.0.5:::::::*
cpe:2.3:a:mozilla:firefox:17.0.6:::::::*
cpe:2.3:a:mozilla:firefox:17.0.7:::::::*
cpe:2.3:a:mozilla:firefox:17.0.8:::::::*
cpe:2.3:a:mozilla:firefox:17.0.9:::::::*
cpe:2.3:a:mozilla:firefox:17.0.10:::::::*
cpe:2.3:a:mozilla:firefox:17.0.11:::::::*
cpe:2.3:a:mozilla:firefox:18.0:::::::*
cpe:2.3:a:mozilla:firefox:18.0.1:::::::*
cpe:2.3:a:mozilla:firefox:18.0.2:::::::*
cpe:2.3:a:mozilla:firefox:19.0:::::::*
cpe:2.3:a:mozilla:firefox:19.0.1:::::::*
cpe:2.3:a:mozilla:firefox:19.0.2:::::::*
cpe:2.3:a:mozilla:firefox:20.0:::::::*
cpe:2.3:a:mozilla:firefox:20.0.1:::::::*
cpe:2.3:a:mozilla:firefox:21.0:::::::*
cpe:2.3:a:mozilla:firefox:23.0:::::::*
cpe:2.3:a:mozilla:firefox:23.0.1:::::::*
cpe:2.3:a:mozilla:firefox:24.0:::::::*
cpe:2.3:a:mozilla:firefox:24.1:::::::*
cpe:2.3:a:mozilla:firefox:24.1.1:::::::*
cpe:2.3:a:mozilla:firefox:25.0:::::::*

History

21 Nov 2024, 01:57

Type	Values Removed	Values Added
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html - Third Party Advisory~~	() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html - Third Party Advisory
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html - Third Party Advisory~~	() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html - Third Party Advisory
References	~~() http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html - Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html - Third Party Advisory
References	~~() http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html - Third Party Advisory~~	() http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html - Third Party Advisory
References	~~() http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html - Third Party Advisory~~	() http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html - Third Party Advisory
References	~~() http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html - Third Party Advisory~~	() http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html - Third Party Advisory
References	~~() http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html - Third Party Advisory~~	() http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html - Third Party Advisory
References	~~() http://www.mozilla.org/security/announce/2013/mfsa2013-105.html - Vendor Advisory~~	() http://www.mozilla.org/security/announce/2013/mfsa2013-105.html - Vendor Advisory
References	~~() http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html - Third Party Advisory~~	() http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html - Third Party Advisory
References	~~() http://www.securitytracker.com/id/1029470 -~~	() http://www.securitytracker.com/id/1029470 -
References	~~() http://www.ubuntu.com/usn/USN-2052-1 - Third Party Advisory~~	() http://www.ubuntu.com/usn/USN-2052-1 - Third Party Advisory
References	~~() https://bugzilla.mozilla.org/show_bug.cgi?id=771294 - Issue Tracking~~	() https://bugzilla.mozilla.org/show_bug.cgi?id=771294 - Issue Tracking

Information

Published : 2013-12-11 15:55

Updated : 2024-11-21 01:57

NVD link : CVE-2013-5611

Mitre link : CVE-2013-5611

CVE.ORG link : CVE-2013-5611

JSON object : View

Products Affected

opensuse

opensuse

mozilla

firefox

suse

linux_enterprise_software_development_kit
linux_enterprise_server
linux_enterprise_desktop

canonical

ubuntu_linux

oracle

solaris

fedoraproject

fedora

opensuse_project

opensuse

CWE

NVD-CWE-noinfo

5.8 /10