CVE-2013-1727 — Vulnetix

Try Vulnetix Request Demo

CVE-2013-1727 PUBLISHED CVSS 4 MEDIUM

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.

EPSS 2.24% · 84.4th percentile

Risk Scores

CVSS v2.0

4

EPSS Score

2.24%

84.4th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
mozilla	firefox	0, 19.0, 19.0.1

Timeline

Sep 17, 2013 PoC Published
Sep 18, 2013 CVE Published
Oct 2, 2013 PoC Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

FEDORA-2013-16992 vendor-advisory
FEDORA-2013-17074 vendor-advisory
http://www.mozilla.org/security/announce/2013/mfsa2013-84.html url
https://bugzilla.mozilla.org/show_bug.cgi?id=782581 url
FEDORA-2013-17047 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2013-1727 advisory

Open in Interactive Console →