CVE-2013-0776

CVE Database · CVE-2013-0776

CVE-2013-0776

· N/AModified

CVSS v3.1

N/A

EPSS

1.30%

Published

Feb 19, 2013

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.

Weaknesses (CWE)

CWE-295

Affected Products (22)

mozilla · firefox (up to 17.0.3)vulnerable

mozilla · firefox (up to 19.0)vulnerable

mozilla · seamonkey (up to 2.16)vulnerable

mozilla · thunderbird (up to 17.0.3)vulnerable

mozilla · thunderbird_esr (up to 17.0.3)vulnerable

opensuse · opensusevulnerable

redhat · enterprise_linux_ausvulnerable

References (20)

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html