9.3
CVE-2013-1685
- EPSS 0.56%
- Published 26.06.2013 03:19:10
- Last modified 11.04.2025 00:51:21
- Source security@mozilla.org
- Teams watchlist Login
- Open Login
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
Data is provided by the National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version <= 17.0.6
Mozilla ≫ Thunderbird Version17.0
Mozilla ≫ Thunderbird Version17.0.1
Mozilla ≫ Thunderbird Version17.0.2
Mozilla ≫ Thunderbird Version17.0.3
Mozilla ≫ Thunderbird Version17.0.4
Mozilla ≫ Thunderbird Version17.0.5
Mozilla ≫ Thunderbird Esr Version17.0
Mozilla ≫ Thunderbird Esr Version17.0.1
Mozilla ≫ Thunderbird Esr Version17.0.2
Mozilla ≫ Thunderbird Esr Version17.0.3
Mozilla ≫ Thunderbird Esr Version17.0.4
Mozilla ≫ Thunderbird Esr Version17.0.5
Mozilla ≫ Thunderbird Esr Version17.0.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.56% | 0.656 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|