Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/63544?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63544?format=api", "vulnerability_id": "VCID-cbtz-tu9w-jfc2", "summary": "Security researcher Robert Kugler discovered that in some\ninstances the Mozilla Maintenance Service on Windows will be vulnerable to some\npreviously fixed privilege escalation attacks that allowed for local privilege\nescalation. This was caused by the Mozilla Updater not updating Windows Registry\nentries for the Mozilla Maintenance Service, which fixed the earlier issues\npresent if Firefox 12 had been installed. New installations of Firefox after\nversion 12 are not affected by this issue. Local file system access is necessary\nin order for this issue to be exploitable and it cannot be triggered through web\ncontent.", "aliases": [ { "alias": "CVE-2013-1673" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86503?format=api", "purl": "pkg:mozilla/Firefox@21.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@21.0.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14762", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14831", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14671", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1473", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14881", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14957", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1476", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1485", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14904", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14865", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14828", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1477", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14664", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1673" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=854088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=854088" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17125" }, { "reference_url": "http://www.mozilla.org/security/announce/2013/mfsa2013-45.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-45.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1673", "reference_id": "CVE-2013-1673", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1673" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1673", "reference_id": "CVE-2013-1673", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1673" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-45", "reference_id": "mfsa2013-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-45" } ], "weaknesses": [ { "cwe_id": 264, "name": "Permissions, Privileges, and Access Controls", "description": "Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control." } ], "exploits": [], "severity_range_score": "6.9 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtz-tu9w-jfc2" }