// For flags

CVE-2013-0774

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.

Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thunderbird anterior a v17.0.3, Thunderbird ESR v17.x anterior a v17.0.3, y SeaMonkey anterior a v2.16 no previene la lectura de JavaScript desde el directorio del perfil de navegaciĆ³n, lo que permite llevar a cabo ataques remotos con un impacto no especificado.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-01-02 CVE Reserved
  • 2013-02-19 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 < 19.0
Search vendor "Mozilla" for product "Firefox" and version " < 19.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox Esr
Search vendor "Mozilla" for product "Firefox Esr"
 < 17.0.3
Search vendor "Mozilla" for product "Firefox Esr" and version " < 17.0.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Seamonkey
Search vendor "Mozilla" for product "Seamonkey"
 < 2.16
Search vendor "Mozilla" for product "Seamonkey" and version " < 2.16"
-
Affected
Mozilla
Search vendor "Mozilla"
 Thunderbird
Search vendor "Mozilla" for product "Thunderbird"
 < 17.0.3
Search vendor "Mozilla" for product "Thunderbird" and version " < 17.0.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Thunderbird Esr
Search vendor "Mozilla" for product "Thunderbird Esr"
 < 17.0.3
Search vendor "Mozilla" for product "Thunderbird Esr" and version " < 17.0.3"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 11.4
Search vendor "Opensuse" for product "Opensuse" and version "11.4"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 12.1
Search vendor "Opensuse" for product "Opensuse" and version "12.1"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 12.2
Search vendor "Opensuse" for product "Opensuse" and version "12.2"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 10.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 11.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "11.10"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
esm
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 12.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.10"
-
Affected