Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-0756
HistoryJan 13, 2013 - 8:55 p.m.

CVE-2013-0756

2013-01-1320:55:01
CWE-416
[email protected]
web.nvd.nist.gov
49
cve-2013-0756
mozilla firefox
thunderbird
vulnerability
remote code execution
web page
javascript proxy objects
nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.3 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.

Affected configurations

NVD
Node
mozillafirefoxRange<18.0
OR
mozillafirefox_esrRange<17.0.2
OR
mozillaseamonkeyRange<2.15
OR
mozillathunderbirdRange<17.0.2
OR
mozillathunderbird_esrRange<17.0.2
Node
opensuseopensuseMatch11.4
OR
opensuseopensuseMatch12.1
OR
opensuseopensuseMatch12.2
OR
suselinux_enterprise_desktopMatch10sp4
OR
suselinux_enterprise_desktopMatch11sp2
OR
suselinux_enterprise_serverMatch10sp4
OR
suselinux_enterprise_serverMatch11sp2-
OR
suselinux_enterprise_serverMatch11sp2vmware
OR
suselinux_enterprise_software_development_kitMatch10sp4
OR
suselinux_enterprise_software_development_kitMatch11sp2
Node
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch11.10
OR
canonicalubuntu_linuxMatch12.04esm
OR
canonicalubuntu_linuxMatch12.10

Related

zdi 1
ubuntucve 1
cvelist 1
openvas 19
nvd 1
prion 1
mozilla 1
nessus 25
suse 7
ubuntu 4
freebsd 1
securityvulns 1
gentoo 1
zdi
zdi
Mozilla Firefox obj_toSource Use-After-Free Remote Code Execution Vulnerability
2013-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2013-0756
2013-01-09 00:00:00
cvelist
cvelist
CVE-2013-0756
2013-01-13 20:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2013-19) - Linux
2021-11-11 00:00:00
Mozilla Products Multiple Vulnerabilities-04 (Jan 2013) - Mac OS X
2013-01-16 00:00:00
Mozilla Products Multiple Vulnerabilities-04 January13 (Mac OS X)
2013-01-16 00:00:00
nvd
nvd
CVE-2013-0756
2013-01-13 20:55:01
prion
prion
Design/Logic Flaw
2013-01-13 20:55:00
mozilla
mozilla
Use-after-free in Javascript Proxy objects — Mozilla
2013-01-08 00:00:00
nessus
nessus
Firefox ESR < 17.0.2 Multiple Vulnerabilities (Mac OS X)
2013-01-15 00:00:00
Firefox ESR 17.x < 17.0.2 Multiple Vulnerabilities
2013-01-15 00:00:00
Mozilla Thunderbird 17.x < 17.0.2 Multiple Vulnerabilities
2013-01-15 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2013-02-18 18:04:29
Security update for MozillaFirefox (important)
2013-01-18 20:04:36
Mozilla Januarys (important)
2013-01-23 14:04:54
ubuntu
ubuntu
Firefox vulnerabilities
2013-01-09 00:00:00
Firefox regression
2013-02-05 00:00:00
Firefox regression
2013-01-22 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-01-08 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-01-10 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.3 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON
Related for CVE-2013-0756
zdi1ubuntucve1cvelist1openvas19nvd1prion1mozilla1nessus25suse7ubuntu4freebsd1securityvulns1gentoo1