CVE-2013-5612
- EPSS 0.74%
- Published 11.12.2013 15:55:12
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset ...
- EPSS 11.06%
- Published 11.12.2013 15:55:12
- Last modified 11.04.2025 00:51:21
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause...
CVE-2013-5614
- EPSS 0.28%
- Published 11.12.2013 15:55:12
- Last modified 11.04.2025 00:51:21
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a cra...
CVE-2013-5616
- EPSS 2.87%
- Published 11.12.2013 15:55:12
- Last modified 11.04.2025 00:51:21
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code...
- EPSS 2.75%
- Published 11.12.2013 15:55:07
- Last modified 11.04.2025 00:51:21
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and app...