CVE-2013-5598
- EPSS 2.94%
- Veröffentlicht 30.10.2013 10:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by u...
- EPSS 5.19%
- Veröffentlicht 30.10.2013 10:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderb...
- EPSS 5.35%
- Veröffentlicht 30.10.2013 10:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonke...
- EPSS 5.3%
- Veröffentlicht 30.10.2013 10:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey bef...
- EPSS 5.17%
- Veröffentlicht 30.10.2013 10:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allo...
- EPSS 5.42%
- Veröffentlicht 30.10.2013 10:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitr...
CVE-2013-5604
- EPSS 6.49%
- Veröffentlicht 30.10.2013 10:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not pro...
- EPSS 5.44%
- Veröffentlicht 18.09.2013 10:08:24
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex...
CVE-2013-1720
- EPSS 3.99%
- Veröffentlicht 18.09.2013 10:08:24
- Zuletzt bearbeitet 29.04.2026 01:13:23
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements...
CVE-2013-1721
- EPSS 4.36%
- Veröffentlicht 18.09.2013 10:08:24
- Zuletzt bearbeitet 29.04.2026 01:13:23
Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted w...