CVSS: 5.9EPSS: 93%CPEs: 34EXPL: 0CVE-2013-2566 – Gentoo Linux Security Advisory 201406-19
https://notcve.org/view.php?id=CVE-2013-2566
14 Mar 2013 — The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. El algoritmo RC4, tal como se usa en el protocolo TLS y protocolo SSL, tiene muchos "single-byte biases", lo que hace que sea más fácil para atacantes remotos realizar ataques de recuperación de texto claro a través de análisis estadístico... • http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html • CWE-326: Inadequate Encryption Strength •
CVSS: 9.8EPSS: 2%CPEs: 20EXPL: 0CVE-2013-0787 – Mozilla Firefox nsHTMLEditRules Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-0787
11 Mar 2013 — Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call. Vulnerabilidad en la gestión de recursos en la función nsEditor::IsPreformatted en editor/libeditor/base/nsEditor.cpp en Mozilla Firefox anterior a v19.0.... • http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157 • CWE-399: Resource Management Errors CWE-416: Use After Free •