CVE-2012-1943 — Mozilla Firefox vulnerability

4 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 83.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird

Timeline

PublishedJun 5

Latest updateMay 14

Description

Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allows local users to gain privileges via a Trojan horse wsock32.dll file in an application directory.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages3 packages

▶NVDmozilla/firefox12.0

▶NVDmozilla/seamonkey2.9

▶NVDmozilla/thunderbird12.0

🔴Vulnerability Details

GHSA

GHSA-xrjg-wm25-cxc7: Untrusted search path vulnerability in Updater↗2022-05-14

▶

CVEList

CVE-2012-1943: Untrusted search path vulnerability in Updater↗2012-06-05

▶