CVE-2013-0744 — Use After Free in Mozilla Firefox
Severity
9.3CRITICALNVD
EPSS
13.4%
top 5.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 13
Latest updateMay 13
Description
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0
Affected Packages11 packages
Also affects: Ubuntu Linux 10.04, 11.10, 12.04, 12.10, Enterprise Linux 5.9, 6.3
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-hfm6-8rw8-xwh8: Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18↗2022-05-13
CVEList▶
CVE-2013-0744: Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18↗2013-01-13
📋Vendor Advisories
5Red Hat▶
Mozilla: Use-after-free when displaying table with many columns and column groups (MFSA 2013-05)↗2013-01-08
💬Community
1Bugzilla▶
CVE-2013-0744 Mozilla: Use-after-free when displaying table with many columns and column groups (MFSA 2013-05)↗2013-01-04