CVE-2013-1727

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 18-09-2013 12:08

Last modified: - 26-09-2022 05:45

Total changes: - 2

Description

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:P/I:P/A:N

High

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

4.0

Base score

4.9

Exploitability score

Impact score

Verification logic

Reference

http://www.mozilla.org/security/announce/2013/mfsa2013-84.html
https://bugzilla.mozilla.org/show_bug.cgi?id=782581
FEDORA-2013-16992-
FEDORA-2013-17047-
FEDORA-2013-17074-

Keywords

CVE-2013-1727

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2013-1727

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures