Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/63543?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63543?format=api", "vulnerability_id": "VCID-xrw9-71ea-uqem", "summary": "Security researcher Robert Kugler reported\nin 2012 that when a specifically named DLL file on a Windows computer is\nplaced in the default downloads directory with the Firefox installer, the\nFirefox installer will load this DLL file when it is launched. Mozilla\ndevelopers Brian Bondy and Robert Strong then\ndiscovered that the stub installer was vulnerable to this same issue with a\nnumber of DLL files and there were additionally vulnerable named DLL files with\nthe full installer. In circumstances where an installer is run by an\nadministrator privileged account, this allows for a downloaded DLL file to be\nrun with those administrator privileges.", "aliases": [ { "alias": "CVE-2013-1715" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86527?format=api", "purl": "pkg:mozilla/Firefox@23.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@23.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/86531?format=api", "purl": "pkg:mozilla/Seamonkey@2.20.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Seamonkey@2.20.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37729", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37599", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37781", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37735", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37748", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37762", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37727", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.377", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37749", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1715", "reference_id": "CVE-2013-1715", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1715" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-74", "reference_id": "mfsa2013-74", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-74" } ], "weaknesses": [], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xrw9-71ea-uqem" }