CVE Vulnerabilities

CVE-2013-1700

Published: Jun 26, 2013 | Modified: Sep 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla * 21.0
Firefox Mozilla 19.0 19.0
Firefox Mozilla 19.0.1 19.0.1
Firefox Mozilla 19.0.2 19.0.2
Firefox Mozilla 20.0 20.0
Firefox Mozilla 20.0.1 20.0.1

References