The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
No history.
Information
Published : 2013-12-11 15:55
Updated : 2024-02-28 12:00
NVD link : CVE-2013-6671
Mitre link : CVE-2013-6671
CVE.ORG link : CVE-2013-6671
JSON object : View
Products Affected
suse
- suse_linux_enterprise_software_development_kit
- suse_linux_enterprise_desktop
- suse_linux_enterprise_server
opensuse
- opensuse
redhat
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_server
- enterprise_linux_eus
- enterprise_linux_server_tus
- enterprise_linux_workstation
mozilla
- firefox_esr
- seamonkey
- thunderbird
- firefox
canonical
- ubuntu_linux
fedoraproject
- fedora
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')