VYPR
Unrated severityNVD Advisory· Published Jun 26, 2013· Updated Jun 16, 2026

CVE-2013-1693

CVE-2013-1693

Description

The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

32
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=21.0
    • cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*
    • (no CPE)range: < 22.0
  • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=17.0.6
    • cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.6:*:*:*:*:*:*:*
    • (no CPE)range: < 17.0.7
  • osv-coords3 versions
    < 128.5.1-1.1+ 2 more
    • (no CPE)range: < 128.5.1-1.1
    • (no CPE)range: < 50.1.0-1.1
    • (no CPE)range: < 45.5.1-1.1

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.