CVE-2013-5615

CVE Database · CVE-2013-5615

CVE-2013-5615

· CRITICALModified

CVSS v3.1

9.8

EPSS

4.22%

Published

Dec 11, 2013

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (18)

mozilla · firefox (up to 26.0)vulnerable

mozilla · firefox (up to 24.2)vulnerable

mozilla · seamonkey (up to 2.23)vulnerable

mozilla · thunderbird (up to 24.2)vulnerable

canonical · ubuntu_linuxvulnerable