Home

CVE-2013-0776

Description

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.653

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2013-0775,CVE-2013-0776,CVE-2013-0783 are affected in Mozilla Firefox 18.0.2Windows
Vulnerability CVE-2013-0775,CVE-2013-0776,CVE-2013-0783,CVE-2013-0787 are affected in SeaMonkey 2.16Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 17.0.2Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 18.99Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 17.0.2Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 18.99Windows
Multiple Vulnerabilities are affected in Mozilla Thunderbird 17.0.2Windows
Multiple Vulnerabilities are affected in Mozilla Thunderbird ESR 17.0.2Windows
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (119.0)Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (119.0.1)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac 17.0.3Mac
Multiple Vulnerabilities are affected in Firefox ESR for Mac 17.0.2Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 17.0.2Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 18.2Mac
Multiple Vulnerabilities are affected in Mozilla Thunderbird for Mac 17.0.2Mac
Multiple Vulnerabilities are affected in SeaMonkey For Mac 2.15.2Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac 17.0.3Mac
Yelp update (CESA-2013:0271) yelp-2.28.1-17.el6_3.i686.rpmLinux
Yelp update (CESA-2013:0271) yelp-2.28.1-17.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update devhelp-0.12-23.el5_9.i386.rpmLinux
(RHSA-2013:0271) Critical: firefox security update devhelp-0.12-23.el5_9.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update devhelp-devel-0.12-23.el5_9.i386.rpmLinux
(RHSA-2013:0271) Critical: firefox security update devhelp-devel-0.12-23.el5_9.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-bin-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-bin-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-devel-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-devel-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-gnome-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-gnome-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-kde-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-kde-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-mozjs-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-mozjs-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-python-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-python-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-webkit-0.3.0-4.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update libproxy-webkit-0.3.0-4.el6_3.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update yelp-2.16.0-30.el5_9.i386.rpmLinux
(RHSA-2013:0271) Critical: firefox security update yelp-2.16.0-30.el5_9.x86_64.rpmLinux
(RHSA-2013:0271) Critical: firefox security update yelp-2.28.1-17.el6_3.i686.rpmLinux
(RHSA-2013:0271) Critical: firefox security update yelp-2.28.1-17.el6_3.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-343015Mozilla Firefox (132.0.2)
PATCH-341197SeaMonkey (2.53.19)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-611807Mozilla Thunderbird For Mac (142.0)
PATCH-611808Mozilla Firefox ESR for MAC 128.14.0
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611807Mozilla Thunderbird For Mac (142.0)
PATCH-611088SeaMonkey For Mac (2.53.21)
PATCH-612783Mozilla Firefox For Mac (145.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234