CVE-2013-1674

🗓️ 16 May 2013 10:00:00Reported by mozillaType

CVE-2013-1674: Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video

Reporter	Title	Published	Views	Family All 126
IBM Security Bulletins	Security Bulletin: IBM SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities.	26 Sep 202204:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storwize V7000 Unified Update Includes Fixes for Multiple Vendor Security Vulnerabilities.	26 Sep 202204:23	–	ibm
FreeBSD	mozilla -- multiple vulnerabilities	14 May 201300:00	–	freebsd
Tenable Nessus	Mozilla Thunderbird 17.x < 17.0.6 Multiple Vulnerabilities	15 May 201300:00	–	nessus
Tenable Nessus	Mozilla Firefox < 21.0 Multiple Vulnerabilities	16 May 201300:00	–	nessus
Tenable Nessus	Mozilla Firefox 20.x <= 20 Multiple Vulnerabilities	16 May 201300:00	–	nessus
Tenable Nessus	Mozilla Thunderbird 17.x < 17.0.6 Multiple Vulnerabilities	15 May 201300:00	–	nessus
Tenable Nessus	CentOS 5 / 6 : firefox (CESA-2013:0820)	15 May 201300:00	–	nessus
Tenable Nessus	CentOS 5 / 6 : thunderbird (CESA-2013:0821)	15 May 201300:00	–	nessus
Tenable Nessus	Debian DSA-2699-1 : iceweasel - several vulnerabilities	3 Jun 201300:00	–	nessus

NVD

Node

mozilla firefoxRange≤20.0.1

mozilla firefoxMatch19.0

mozilla firefoxMatch19.0.1

mozilla firefoxMatch19.0.2

mozilla firefoxMatch20.0

Node

mozilla firefoxMatch17.0

mozilla firefoxMatch17.0.1

mozilla firefoxMatch17.0.2

mozilla firefoxMatch17.0.3

mozilla firefoxMatch17.0.4

mozilla firefoxMatch17.0.5

Node

mozilla thunderbirdRange≤17.0.5

mozilla thunderbirdMatch17.0

mozilla thunderbirdMatch17.0.1

mozilla thunderbirdMatch17.0.2

mozilla thunderbirdMatch17.0.3

mozilla thunderbirdMatch17.0.4

Node

mozilla thunderbird_esrMatch17.0

mozilla thunderbird_esrMatch17.0.1

mozilla thunderbird_esrMatch17.0.2

mozilla thunderbird_esrMatch17.0.3

mozilla thunderbird_esrMatch17.0.4

mozilla thunderbird_esrMatch17.0.5

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html
ubuntu	www.ubuntu.com/usn/USN-1823-1
rhn	www.rhn.redhat.com/errata/RHSA-2013-0821.html
lists	www.lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html
lists	www.lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17147
mozilla	www.mozilla.org/security/announce/2013/mfsa2013-46.html
securityfocus	www.securityfocus.com/bid/59859
lists	www.lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi

29 Apr 2026 01:13Current

9.4High risk

Vulners AI Score9.4

CVSS 29.3

EPSS0.04484

CWE-399