vulnerability

Ubuntu: (CVE-2013-1054): unity-firefox-extension vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Apr 7, 2021	Nov 19, 2024	Aug 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Apr 7, 2021

Added

Nov 19, 2024

Modified

Aug 18, 2025

Description

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus disabling the extension entirely.

Solution

ubuntu-upgrade-unity-firefox-extension

References

CVE-2013-1054
https://attackerkb.com/topics/CVE-2013-1054
CWE-404
URL-https://ubuntu.com/security/notices/USN-2743-3
URL-https://www.cve.org/CVERecord?id=CVE-2013-1054

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today