9.3

CVE-2013-0787

Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

Data is provided by the National Vulnerability Database (NVD)
MozillaFirefox Version <= 19.0.1
MozillaFirefox Version19.0
MozillaFirefox Version17.0
MozillaFirefox Version17.0.1
MozillaFirefox Version17.0.2
MozillaFirefox Version17.0.3
MozillaThunderbird Version <= 17.0.3
MozillaThunderbird Version17.0
MozillaThunderbird Version17.0.1
MozillaThunderbird Version17.0.2
MozillaThunderbird Esr Version17.0
MozillaThunderbird Esr Version17.0.1
MozillaThunderbird Esr Version17.0.2
MozillaThunderbird Esr Version17.0.3
MozillaSeamonkey Version <= 2.16
MozillaSeamonkey Version2.16 Updatebeta1
MozillaSeamonkey Version2.16 Updatebeta2
MozillaSeamonkey Version2.16 Updatebeta3
MozillaSeamonkey Version2.16 Updatebeta4
MozillaSeamonkey Version2.16 Updatebeta5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 6.17% 0.905
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C