CVE-2013-1722Use After Free in Mozilla Firefox

CWE-399CWE-416Use After Free7 documents6 sources
Severity
9.3CRITICALNVD
EPSS
3.9%
top 11.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Mozilla FirefoxMozilla SeamonkeyMozilla Thunderbird+1 more
Timeline
PublishedSep 18
Latest updateMay 17

Description

Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages4 packages

NVDmozilla/firefox23.0.1+17
NVDmozilla/thunderbird17.0.9+9
NVDmozilla/thunderbird_esr9 versions+8
NVDmozilla/seamonkey2.20+36

🔴Vulnerability Details

2
GHSA
GHSA-mxp7-8xq8-9gw6: Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 242022-05-17
CVEList
CVE-2013-1722: Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 242013-09-18

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2013-09-18
Red Hat
Mozilla: Use-after-free in Animation Manager during stylesheet cloning (MFSA 2013-79)2013-09-17
Ubuntu
Firefox vulnerabilities2013-09-17

💬Community

1
Bugzilla
CVE-2013-1722 Mozilla: Use-after-free in Animation Manager during stylesheet cloning (MFSA 2013-79)2013-09-17
CVE-2013-1722 — Use After Free in Mozilla Firefox | cvebase