Lucene search

K

MozillaCVELIST:CVE-2013-0756

HistoryJan 13, 2013 - 8:00 p.m.

CVE-2013-0756

2013-01-1320:00:00

mozilla

www.cve.org

2

9.5 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.

References

lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html

lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html

www.mozilla.org/security/announce/2013/mfsa2013-19.html

www.ubuntu.com/usn/USN-1681-1

www.ubuntu.com/usn/USN-1681-2

www.ubuntu.com/usn/USN-1681-4

bugzilla.mozilla.org/show_bug.cgi?id=814029

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17101

9.5 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

Related for CVELIST:CVE-2013-0756

ubuntucve1 zdi1 cve1 prion1 nvd1 openvas19 mozilla1 nessus25 suse7 securityvulns1 freebsd1 ubuntu4 gentoo1