CVE-2013-1737 vulnerability in Mozilla Products
Published on September 18, 2013

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2013-1737

Want to know whenever a new CVE is published for Mozilla products? stack.watch will email you.

Mozilla Thunderbird Esr

Mozilla SeaMonkey

Mozilla Firefox

Mozilla Thunderbird

Exploit Probability

EPSS

0.42%

Percentile

61.36%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2013-1737 vulnerability in Mozilla ProductsPublished on September 18, 2013

Products Associated with CVE-2013-1737

Exploit Probability

CVE-2013-1737 vulnerability in Mozilla Products
Published on September 18, 2013