[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252097

 
 

909

 
 

196747

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-1672Date: (C)2013-05-16   (M)2024-03-27


The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.9
Exploit Score: 3.4
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
IAVM:2013-A-0109
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
https://bugzilla.mozilla.org/show_bug.cgi?id=850492
oval:org.mitre.oval:def:16915

CPE    23
cpe:/a:mozilla:firefox_esr:17.0
cpe:/a:mozilla:firefox:20.0.1
cpe:/a:mozilla:firefox:19.0
cpe:/a:mozilla:thunderbird:17.0
...
CWE    1
CWE-264
OVAL    2
oval:org.secpod.oval:def:11202
oval:org.secpod.oval:def:11203

© SecPod Technologies