Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2013-09-18T10:00:00
Updated: 2024-08-06T15:13:32.358Z
Reserved: 2013-02-13T00:00:00
Link: CVE-2013-1730
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-09-18T10:08:24.587
Modified: 2017-09-19T01:36:13.763
Link: CVE-2013-1730
Redhat