VYPR
Unrated severityNVD Advisory· Published Jan 13, 2013· Updated Jun 16, 2026

CVE-2013-0754

CVE-2013-0754

Description

Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

33
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <18.0
    • (no CPE)range: <18.0, ESR 10.x <10.0.12, ESR 17.x <17.0.2
  • cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <2.15
    • (no CPE)range: <2.15
  • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <17.0.2
    • cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*range: >=10.0,<10.0.12
    • (no CPE)range: <17.0.2, ESR 10.x <10.0.12, ESR 17.x <17.0.2
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE3 versions
    cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
  • cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
  • osv-coords3 versions
    < 128.5.1-1.1+ 2 more
    • (no CPE)range: < 128.5.1-1.1
    • (no CPE)range: < 50.1.0-1.1
    • (no CPE)range: < 45.5.1-1.1

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.