9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.4 High
AI Score
Confidence
High
0.039 Low
EPSS
Percentile
92.1%
Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.
lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html
rhn.redhat.com/errata/RHSA-2013-0144.html
rhn.redhat.com/errata/RHSA-2013-0145.html
www.mozilla.org/security/announce/2013/mfsa2013-17.html
www.ubuntu.com/usn/USN-1681-1
www.ubuntu.com/usn/USN-1681-2
www.ubuntu.com/usn/USN-1681-4
bugzilla.mozilla.org/show_bug.cgi?id=814026
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16812