Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-161c-812n-ffen
Summary
Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, and SeaMonkey, some of which may allow a remote user to
    execute arbitrary code.
Aliases
0
alias CVE-2013-0757
Fixed_packages
0
url pkg:ebuild/mail-client/thunderbird@17.0.9
purl pkg:ebuild/mail-client/thunderbird@17.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@17.0.9
1
url pkg:ebuild/mail-client/thunderbird-bin@2.21
purl pkg:ebuild/mail-client/thunderbird-bin@2.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@2.21
2
url pkg:ebuild/mail-client/thunderbird-bin@17.0.9
purl pkg:ebuild/mail-client/thunderbird-bin@17.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@17.0.9
3
url pkg:ebuild/www-client/firefox@17.0.9
purl pkg:ebuild/www-client/firefox@17.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@17.0.9
4
url pkg:ebuild/www-client/firefox-bin@2.21
purl pkg:ebuild/www-client/firefox-bin@2.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@2.21
5
url pkg:ebuild/www-client/firefox-bin@17.0.9
purl pkg:ebuild/www-client/firefox-bin@17.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@17.0.9
6
url pkg:ebuild/www-client/seamonkey@2.21
purl pkg:ebuild/www-client/seamonkey@2.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@2.21
7
url pkg:ebuild/www-client/seamonkey@17.0.9
purl pkg:ebuild/www-client/seamonkey@17.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@17.0.9
8
url pkg:ebuild/www-client/seamonkey-bin@2.21
purl pkg:ebuild/www-client/seamonkey-bin@2.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@2.21
9
url pkg:ebuild/www-client/seamonkey-bin@17.0.9
purl pkg:ebuild/www-client/seamonkey-bin@17.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@17.0.9
10
url pkg:mozilla/Firefox@18.0.0
purl pkg:mozilla/Firefox@18.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@18.0.0
11
url pkg:mozilla/Firefox%20ESR@17.0.2
purl pkg:mozilla/Firefox%20ESR@17.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.2
12
url pkg:mozilla/SeaMonkey@2.15.0
purl pkg:mozilla/SeaMonkey@2.15.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.15.0
13
url pkg:mozilla/Thunderbird@17.0.2
purl pkg:mozilla/Thunderbird@17.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@17.0.2
14
url pkg:mozilla/Thunderbird%20ESR@17.0.2
purl pkg:mozilla/Thunderbird%20ESR@17.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird%2520ESR@17.0.2
Affected_packages
References
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0757.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0757.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0757
reference_id
reference_type
scores
0
value 0.74572
scoring_system epss
scoring_elements 0.98855
published_at 2026-04-16T12:55:00Z
1
value 0.74572
scoring_system epss
scoring_elements 0.98842
published_at 2026-04-01T12:55:00Z
2
value 0.74572
scoring_system epss
scoring_elements 0.98851
published_at 2026-04-12T12:55:00Z
3
value 0.74572
scoring_system epss
scoring_elements 0.98852
published_at 2026-04-13T12:55:00Z
4
value 0.74572
scoring_system epss
scoring_elements 0.98843
published_at 2026-04-02T12:55:00Z
5
value 0.74572
scoring_system epss
scoring_elements 0.98845
published_at 2026-04-04T12:55:00Z
6
value 0.74572
scoring_system epss
scoring_elements 0.98847
published_at 2026-04-07T12:55:00Z
7
value 0.74572
scoring_system epss
scoring_elements 0.98848
published_at 2026-04-09T12:55:00Z
8
value 0.74572
scoring_system epss
scoring_elements 0.9885
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0757
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=813901
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=813901
7
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16939
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16939
8
reference_url http://www.mozilla.org/security/announce/2013/mfsa2013-14.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2013/mfsa2013-14.html
9
reference_url http://www.ubuntu.com/usn/USN-1681-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1681-1
10
reference_url http://www.ubuntu.com/usn/USN-1681-2
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1681-2
11
reference_url http://www.ubuntu.com/usn/USN-1681-4
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1681-4
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=892147
reference_id 892147
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=892147
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
31
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0757
reference_id CVE-2013-0757
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0757
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0757
reference_id CVE-2013-0757
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2013-0757
33
reference_url https://github.com/rapid7/metasploit-framework/blob/1d617ae3894222cfbbf6951fcd68fd2d1c1b15c6/modules/exploits/multi/http/git_client_command_exec.rb
reference_id CVE-2013-0758;CVE-2013-0757
reference_type exploit
scores
url https://github.com/rapid7/metasploit-framework/blob/1d617ae3894222cfbbf6951fcd68fd2d1c1b15c6/modules/exploits/multi/http/git_client_command_exec.rb
34
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41684.rb
reference_id CVE-2013-0758;CVE-2013-0757
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41684.rb
35
reference_url https://github.com/rapid7/metasploit-framework/blob/b08d1ad8d8d6c0f5cb63cc44e3ff75efb9edb7b3/modules/exploits/multi/browser/firefox_svg_plugin.rb
reference_id CVE-2013-0758;CVE-2013-0757;OSVDB-89020;OSVDB-89019
reference_type exploit
scores
url https://github.com/rapid7/metasploit-framework/blob/b08d1ad8d8d6c0f5cb63cc44e3ff75efb9edb7b3/modules/exploits/multi/browser/firefox_svg_plugin.rb
36
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/41683.rb
reference_id CVE-2013-0758;CVE-2013-0757;OSVDB-89020;OSVDB-89019
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/41683.rb
37
reference_url https://security.gentoo.org/glsa/201309-23
reference_id GLSA-201309-23
reference_type
scores
url https://security.gentoo.org/glsa/201309-23
38
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-14
reference_id mfsa2013-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-14
39
reference_url https://usn.ubuntu.com/1681-1/
reference_id USN-1681-1
reference_type
scores
url https://usn.ubuntu.com/1681-1/
40
reference_url https://usn.ubuntu.com/1681-2/
reference_id USN-1681-2
reference_type
scores
url https://usn.ubuntu.com/1681-2/
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
0
date_added 2017-03-23
description GIT 1.8.5.6/1.9.5/2.0.5/2.1.4/2.2.1 & Mercurial < 3.2.3 - Multiple Vulnerabilities (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2014-12-18
exploit_type remote
platform multiple
source_date_updated 2017-03-23
data_source Exploit-DB
source_url https://github.com/rapid7/metasploit-framework/blob/1d617ae3894222cfbbf6951fcd68fd2d1c1b15c6/modules/exploits/multi/http/git_client_command_exec.rb
1
date_added null
description 
This exploit gains remote code execution on Firefox 17 and 17.0.1, provided
          the user has installed Flash. No memory corruption is used.

          First, a Flash object is cloned into the anonymous content of the SVG
          "use" element in the <body> (CVE-2013-0758). From there, the Flash object
          can navigate a child frame to a URL in the chrome:// scheme.

          Then a separate exploit (CVE-2013-0757) is used to bypass the security wrapper
          around the child frame's window reference and inject code into the chrome://
          context. Once we have injection into the chrome execution context, we can write
          the payload to disk, chmod it (if posix), and then execute.

          Note: Flash is used here to trigger the exploit but any Firefox plugin
          with script access should be able to trigger it.
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2013-01-08
exploit_type null
platform Firefox,Java,Linux,OSX,Solaris,Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/firefox_svg_plugin.rb
Severity_range_score7.0 - 9.3
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-161c-812n-ffen