CVE-2013-5618

CVE Database · CVE-2013-5618

CVE-2013-5618

· CRITICALModified

CVSS v3.1

9.8

EPSS

10.41%

Published

Dec 11, 2013

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-416

Affected Products (28)

mozilla · firefox (up to 26.0)vulnerable

mozilla · firefox (up to 24.2)vulnerable

mozilla · seamonkey (up to 2.23)vulnerable

mozilla · thunderbird (up to 24.2)vulnerable

fedoraproject · fedoravulnerable

suse · suse_linux_enterprise_software_development_kitvulnerable

opensuse · opensusevulnerable