VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
epss	0.24563	https://api.first.org/data/v1/epss?cve=CVE-2013-1670
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2013-1670
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2013-42

System

Score

Found at

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

epss

0.24563

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

cvssv2

4.3

https://nvd.nist.gov/vuln/detail/CVE-2013-1670

generic_textual

high

https://www.mozilla.org/en-US/security/advisories/mfsa2013-42

Reference id

Reference type

URL

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html

http://rhn.redhat.com/errata/RHSA-2013-0820.html

http://rhn.redhat.com/errata/RHSA-2013-0821.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1670.json

https://api.first.org/data/v1/epss?cve=CVE-2013-1670

https://bugzilla.mozilla.org/show_bug.cgi?id=853709

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0773

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0775

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0776

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0780

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0782

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0783

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0787

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0801

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1670

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1674

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1675

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1676

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1677

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1678

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1679

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1680

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1681

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1694

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17046

http://www.debian.org/security/2013/dsa-2699

http://www.exploit-db.com/exploits/34363

http://www.mandriva.com/security/advisories?name=MDVSA-2013:165

http://www.mozilla.org/security/announce/2013/mfsa2013-42.html

http://www.osvdb.org/93427

http://www.securityfocus.com/bid/59865

http://www.ubuntu.com/usn/USN-1822-1

http://www.ubuntu.com/usn/USN-1823-1

962596

https://bugzilla.redhat.com/show_bug.cgi?id=962596

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:17.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.5:*:*:*:*:*:*:*

CVE-2013-1670

https://nvd.nist.gov/vuln/detail/CVE-2013-1670

CVE-2013-1670;OSVDB-93427

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/34363.rb

GLSA-201309-23

https://security.gentoo.org/glsa/201309-23

mfsa2013-42

https://www.mozilla.org/en-US/security/advisories/mfsa2013-42

RHSA-2013:0820

https://access.redhat.com/errata/RHSA-2013:0820

RHSA-2013:0821

https://access.redhat.com/errata/RHSA-2013:0821

USN-1822-1

https://usn.ubuntu.com/1822-1/

USN-1823-1

https://usn.ubuntu.com/1823-1/

Data source	Exploit-DB
Date added	Aug. 19, 2014
Description	Mozilla Firefox - toString console.time Privileged JavaScript Injection (Metasploit)
Ransomware campaign use	Known
Source publication date	Aug. 19, 2014
Exploit type	remote
Platform	multiple
Source update date	Aug. 19, 2014

Exploit-DB

Aug. 19, 2014

Mozilla Firefox - toString console.time Privileged JavaScript Injection (Metasploit)

Known

Aug. 19, 2014

remote

multiple

Aug. 19, 2014

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:02:31.971762+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201309-23	38.0.0

2026-04-01T13:02:31.971762+00:00

Gentoo Importer

Import

https://security.gentoo.org/glsa/201309-23

38.0.0

Vulnerability ID	VCID-e74f-wk18-buaa
Aliases	CVE-2013-1670
Summary	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, some of which may allow a remote user to execute arbitrary code.
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-264	Permissions, Privileges, and Access Controls

Percentile	0.96087
EPSS Score	0.24563
Published At	April 1, 2026, 12:55 p.m.