VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 7, 2013· Updated Apr 29, 2026

CVE-2013-1706

CVE-2013-1706

Description

Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line.

Affected products

31
  • Mozilla Corporation/Firefox15 versions
    cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=22.0
    • cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:17.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:21.0:*:*:*:*:*:*:*
  • Mozilla Corporation/Thunderbird8 versions
    cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=17.0.7
    • cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:17.0.6:*:*:*:*:*:*:*
  • Mozilla Corporation/Thunderbird Esr8 versions
    cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird_esr:17.0.7:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.