admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 01:31:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2013/CVE-2013-0757.md

19 lines
966 B
Markdown
Raw Normal View History

Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### [CVE-2013-0757](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0757)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.
### POC
#### Reference
- https://bugzilla.mozilla.org/show_bug.cgi?id=813901
Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00
- https://bugzilla.mozilla.org/show_bug.cgi?id=813901
Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
#### Github
- https://github.com/evearias/ciberseguridad-Parcial
Reference in New Issue Copy Permalink