# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2013-5616 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-12-11 |
2020-08-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. |
2 |
CVE-2013-5613 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-12-11 |
2020-08-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. |
3 |
CVE-2013-5609 |
|
|
DoS Exec Code Mem. Corr. |
2013-12-11 |
2020-08-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
4 |
CVE-2013-5607 |
189 |
|
DoS Overflow |
2013-11-20 |
2018-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. |
5 |
CVE-2013-5604 |
119 |
|
DoS Exec Code Overflow |
2013-10-30 |
2018-10-30 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. |
6 |
CVE-2013-5603 |
|
|
DoS Exec Code Mem. Corr. |
2013-10-30 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates. |
7 |
CVE-2013-5602 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2013-10-30 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies. |
8 |
CVE-2013-5599 |
|
|
DoS Exec Code Mem. Corr. |
2013-10-30 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event. |
9 |
CVE-2013-5597 |
|
|
DoS Exec Code Mem. Corr. |
2013-10-30 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache. |
10 |
CVE-2013-5596 |
119 |
|
DoS Exec Code Overflow |
2013-10-30 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com. |
11 |
CVE-2013-5591 |
|
|
DoS Exec Code Mem. Corr. |
2013-10-30 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
12 |
CVE-2013-5590 |
|
|
DoS Exec Code Mem. Corr. |
2013-10-30 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
13 |
CVE-2013-1736 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2013-09-18 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes. |
14 |
CVE-2013-1730 |
119 |
|
DoS Exec Code Overflow |
2013-09-18 |
2017-09-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site. |
15 |
CVE-2013-1722 |
399 |
|
DoS Exec Code Mem. Corr. |
2013-09-18 |
2017-09-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning. |
16 |
CVE-2013-1718 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2013-09-18 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
17 |
CVE-2013-1701 |
|
|
DoS Exec Code Mem. Corr. |
2013-08-07 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
18 |
CVE-2013-1694 |
20 |
|
DoS Exec Code |
2013-06-26 |
2017-09-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag. |
19 |
CVE-2013-1690 |
119 |
|
DoS Exec Code Overflow |
2013-06-26 |
2017-09-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location. |
20 |
CVE-2013-1686 |
399 |
|
DoS Exec Code Mem. Corr. |
2013-06-26 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
21 |
CVE-2013-1685 |
399 |
|
DoS Exec Code Mem. Corr. |
2013-06-26 |
2017-09-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site. |
22 |
CVE-2013-1684 |
399 |
|
DoS Exec Code Mem. Corr. |
2013-06-26 |
2017-09-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site. |
23 |
CVE-2013-1682 |
|
|
DoS Exec Code Mem. Corr. |
2013-06-26 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
24 |
CVE-2013-1681 |
399 |
|
DoS Exec Code Mem. Corr. |
2013-05-16 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
25 |
CVE-2013-1680 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2013-05-16 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
26 |
CVE-2013-1679 |
399 |
|
DoS Exec Code Mem. Corr. |
2013-05-16 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
27 |
CVE-2013-1678 |
119 |
|
DoS Exec Code Overflow |
2013-05-16 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors. |
28 |
CVE-2013-1677 |
399 |
|
DoS Exec Code |
2013-05-16 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. |
29 |
CVE-2013-1676 |
119 |
|
DoS Exec Code Overflow |
2013-05-16 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. |
30 |
CVE-2013-0801 |
|
|
DoS Exec Code Mem. Corr. |
2013-05-16 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
31 |
CVE-2013-0791 |
119 |
|
DoS Overflow Mem. Corr. |
2013-04-03 |
2017-09-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate. |
32 |
CVE-2013-0788 |
|
|
DoS Exec Code Mem. Corr. |
2013-04-03 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
33 |
CVE-2013-0784 |
|
|
DoS Exec Code Mem. Corr. |
2013-02-19 |
2020-08-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
34 |
CVE-2013-0783 |
|
|
DoS Exec Code Mem. Corr. |
2013-02-19 |
2020-08-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
35 |
CVE-2013-0781 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-02-19 |
2020-08-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
36 |
CVE-2013-0780 |
416 |
|
DoS Exec Code Overflow Mem. Corr. |
2013-02-19 |
2020-08-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties. |
37 |
CVE-2013-0779 |
125 |
|
DoS Exec Code |
2013-02-19 |
2020-08-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. |
38 |
CVE-2013-0778 |
125 |
|
DoS Exec Code |
2013-02-19 |
2020-08-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. |
39 |
CVE-2013-0777 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-02-19 |
2020-08-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
40 |
CVE-2013-0770 |
|
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
41 |
CVE-2013-0769 |
|
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-11 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
42 |
CVE-2013-0767 |
125 |
|
DoS Exec Code |
2013-01-13 |
2020-08-07 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. |
43 |
CVE-2013-0766 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-07 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
44 |
CVE-2013-0763 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas. |
45 |
CVE-2013-0762 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
46 |
CVE-2013-0761 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-07 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. |
47 |
CVE-2013-0752 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2013-01-13 |
2020-08-10 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content. |
48 |
CVE-2013-0749 |
|
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-07 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
49 |
CVE-2013-0746 |
|
|
DoS Exec Code |
2013-01-13 |
2020-08-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection. |
50 |
CVE-2013-0744 |
416 |
|
DoS Exec Code Mem. Corr. |
2013-01-13 |
2020-08-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups. |