CVE-2013-1672Mozilla Firefox vulnerability

CWE-2643 documents3 sources
Severity
6.9MEDIUMNVD
EPSS
0.0%
top 90.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla FirefoxMozilla ThunderbirdMozilla Thunderbird ESR
Timeline
PublishedMay 16
Latest updateMay 17

Description

The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages3 packages

NVDmozilla/firefox20.0.1+10
NVDmozilla/thunderbird17.0.5+5

🔴Vulnerability Details

2
GHSA
GHSA-j9qw-8pqm-vfx8: The Mozilla Maintenance Service in Mozilla Firefox before 212022-05-17
CVEList
CVE-2013-1672: The Mozilla Maintenance Service in Mozilla Firefox before 212013-05-16
CVE-2013-1672 — Mozilla Firefox vulnerability | cvebase