CVE-2013-1684

CVE Database · CVE-2013-1684

CVE-2013-1684

· N/AModified

CVSS v3.1

N/A

EPSS

3.54%

Published

Jun 26, 2013

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.

Weaknesses (CWE)

CWE-399

Affected Products (27)

mozilla · firefoxvulnerable

· firefox

References (20)

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html

http://rhn.redhat.com/errata/RHSA-2013-0981.html

http://rhn.redhat.com/errata/RHSA-2013-0982.html

http://www.debian.org/security/2013/dsa-2716

http://www.debian.org/security/2013/dsa-2720

http://www.mozilla.org/security/announce/2013/mfsa2013-50.html

KEV Catalog EPSS Scores Vendors All CVEs