Search for vulnerabilities
Vulnerability details: VCID-8w2c-nxv2-yfhy
Vulnerability ID VCID-8w2c-nxv2-yfhy
Aliases CVE-2013-1717
Summary Security researcher Georgi Guninski reported an issue with Java applets where in some circumstances the applet could access files on the local system when loaded using the a file:/// URI and violate file origin policy due to interaction with the codebase parameter. This affects applets running on the local file system. Mozilla developer John Schoenick later discovered that fixes for this issue were inadequate and allowed the invocation of Java applets to bypass security checks in additional circumstances. This could lead to untrusted Java applets having read-only access on the local files system if used in conjunction with a method to download a file to a known or guessable path.In general these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled, but are potentially a risk in browser or browser-like contexts.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
epss 0.0057 https://api.first.org/data/v1/epss?cve=CVE-2013-1717
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2013-75
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1717.json
https://api.first.org/data/v1/epss?cve=CVE-2013-1717
993605 https://bugzilla.redhat.com/show_bug.cgi?id=993605
CVE-2013-1717 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1717
mfsa2013-75 https://www.mozilla.org/en-US/security/advisories/mfsa2013-75
RHSA-2013:1140 https://access.redhat.com/errata/RHSA-2013:1140
RHSA-2013:1142 https://access.redhat.com/errata/RHSA-2013:1142
USN-1924-1 https://usn.ubuntu.com/1924-1/
USN-1925-1 https://usn.ubuntu.com/1925-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.67616
EPSS Score 0.0057
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:10:21.613063+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2013/mfsa2013-75.md 37.0.0