← volver
CVE-2013-0753

CVE-2013-0753

EPSS 51.3%
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/27940no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0144.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0145.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=814001https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17053http://www.mozilla.org/security/announce/2013/mfsa2013-16.htmlhttp://www.ubuntu.com/usn/USN-1681-1http://www.ubuntu.com/usn/USN-1681-2http://www.ubuntu.com/usn/USN-1681-4