QwikSec

Security Database

CVE

CWE

Training

CVE-2013-0787

Published: Mar 11, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

http://twitter.com/VUPEN/statuses/309505403631325184

x_refsource_MISC

oval:org.mitre.oval:def:16737

vdb-entry

signature

x_refsource_OVAL

http://twitter.com/thezdi/statuses/309484730506698752

x_refsource_MISC

vdb-entry

x_refsource_BID

https://bugzilla.mozilla.org/show_bug.cgi?id=848644

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2013:0468

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:0465

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:0467

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:0431

vendor-advisory

x_refsource_SUSE

SUSE-SU-2013:0470

vendor-advisory

x_refsource_SUSE

http://www.mozilla.org/security/announce/2013/mfsa2013-29.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.