Skip to content
appaloosa scout logo main rounded
N/A

CVE-2013-1725

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.

EPSS 2.9% percentile 86.4%

Affected tracked apps

Thunderbird
winget:Mozilla.Thunderbird
1 open

Vulnerable CPE configurations

Vendor Product Platform Versions CPE 2.3 URI
mozilla thunderbird Windows ≤17.0.9 cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.5:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.6:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.7:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:17.0.8:*:*:*:*:*:*:*
View on NVD ↗