CVE-2013-0777: Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)

Severity: Critical

CVSS Score: 9.3

Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.