CVE-2013-0753

Mozilla Firefox <18 - Use After Free

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-0753. PoCs published by Metasploit, regenrecht, juan vazquez, including Metasploit module exploits/windows/browser/mozilla_firefox_xmlserializer.

AI-analyzed exploit summary This Metasploit module exploits a use-after-free vulnerability in Firefox 17.0 (< 17.0.2) via XMLSerializer's serializeToStream method, achieving remote code execution through heap spraying and ROP chains.

Description

Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/27940

This Metasploit module exploits a use-after-free vulnerability in Firefox 17.0 (< 17.0.2) via XMLSerializer's serializeToStream method, achieving remote code execution through heap spraying and ROP chains.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Mozilla Firefox 17.0 (< 17.0.2)
No auth needed
Prerequisites: Target must be using Firefox 17.0 on Windows XP SP3 · JavaScript must be enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by regenrecht, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/mozilla_firefox_xmlserializer.rb

This Metasploit module exploits a use-after-free vulnerability in Firefox 17.0 (< 17.0.2) via the XMLSerializer's serializeToStream method. It uses heap spraying and ROP chains to achieve remote code execution on Windows XP SP3.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Mozilla Firefox 17.0 (< 17.0.2)
No auth needed
Prerequisites: Target must be using Firefox 17.0 (< 17.0.2) on Windows XP SP3 · Target must visit a malicious webpage hosting the exploit
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (12)

Core 12
Core References
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0145.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1681-4
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0144.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1681-1
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html
Issue Tracking, Patch, Vendor Advisory x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=814001
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1681-2

Scores

EPSS 0.5132
EPSS Percentile 98.8%

Details

CWE
CWE-416
Status published
Products (26)
canonical/ubuntu_linux 10.04
canonical/ubuntu_linux 11.10
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 12.10
mozilla/firefox < 18.0
mozilla/seamonkey < 2.15
mozilla/thunderbird < 17.0.2
mozilla/thunderbird_esr 10.0 - 10.0.12
opensuse/opensuse 11.4
opensuse/opensuse 12.1
... and 16 more
Published Jan 13, 2013
Tracked Since Feb 18, 2026