Search for vulnerabilities
Vulnerability details: VCID-bem6-vusc-aaab
Vulnerability ID VCID-bem6-vusc-aaab
Aliases CVE-2013-0787
Summary CVE-2013-0787 Mozilla: Use-after-free in HTML Editor (MFSA 2013-29)
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-399 Resource Management Errors
CWE-416 Use After Free
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2013:0614
rhas Important https://access.redhat.com/errata/RHSA-2013:0627
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.01958 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.07735 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.09680 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.11525 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.11525 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
epss 0.11525 https://api.first.org/data/v1/epss?cve=CVE-2013-0787
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=918876
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2013-0787
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2013-29
Reference id Reference type URL
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00028.html
http://rhn.redhat.com/errata/RHSA-2013-0614.html
http://rhn.redhat.com/errata/RHSA-2013-0627.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0787.json
https://api.first.org/data/v1/epss?cve=CVE-2013-0787
https://bugzilla.mozilla.org/show_bug.cgi?id=848644
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0776
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0780
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0783
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0787
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1670
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1674
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1677
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1678
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1679
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1680
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1681
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16737
http://twitter.com/thezdi/statuses/309484730506698752
http://twitter.com/VUPEN/statuses/309505403631325184
http://www.debian.org/security/2013/dsa-2699
http://www.mozilla.org/security/announce/2013/mfsa2013-29.html
http://www.securityfocus.com/bid/58391
http://www.ubuntu.com/usn/USN-1758-1
918876 https://bugzilla.redhat.com/show_bug.cgi?id=918876
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:17.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:17.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:17.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:17.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:17.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:2.16:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:2.16:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:2.16:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:2.16:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.16:beta5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:2.16:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*
CVE-2013-0787 https://nvd.nist.gov/vuln/detail/CVE-2013-0787
GLSA-201309-23 https://security.gentoo.org/glsa/201309-23
mfsa2013-29 https://www.mozilla.org/en-US/security/advisories/mfsa2013-29
RHSA-2013:0614 https://access.redhat.com/errata/RHSA-2013:0614
RHSA-2013:0627 https://access.redhat.com/errata/RHSA-2013:0627
USN-1758-1 https://usn.ubuntu.com/1758-1/
USN-1758-2 https://usn.ubuntu.com/1758-2/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2013-0787
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.8187
EPSS Score 0.01958
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.