UBUNTU-CVE-2013-1054
- Source
- https://ubuntu.com/security/CVE-2013-1054
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-1054.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2013-1054
- Upstream
- Related
- Published
- 2021-04-07T20:15:00Z
- Modified
- 2026-02-04T03:49:11.218678Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
- Ubuntu - low
- Summary
- [none]
- Details
-
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus disabling the extension entirely.
- References
Affected packages
Ubuntu:14.04:LTS / unity-firefox-extension
Package
- Name
- unity-firefox-extension
- Purl
- pkg:deb/ubuntu/unity-firefox-extension@3.0.0+14.04.20140416-0ubuntu1.14.04.1?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.0+14.04.20140416-0ubuntu1.14.04.1
Affected versions
2.*
2.4.8+13.10.20130920-0ubuntu1
3.*
3.0.0+14.04.20140130.1-0ubuntu1
3.0.0+14.04.20140205-0ubuntu1
3.0.0+14.04.20140220-0ubuntu1
3.0.0+14.04.20140411-0ubuntu1
3.0.0+14.04.20140416-0ubuntu1