CVE-2012-4206

Mozilla Firefox <17.0 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16991
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=792106
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/80176

Scores

EPSS 0.0033
EPSS Percentile 24.7%

Details

Status published
Products (46)
mozilla/firefox 0.1
mozilla/firefox 0.2
mozilla/firefox 0.3
mozilla/firefox 0.4
mozilla/firefox 0.5
mozilla/firefox 0.6
mozilla/firefox 0.6.1
mozilla/firefox 0.7
mozilla/firefox 0.7.1
mozilla/firefox 0.8
... and 36 more
Published Nov 21, 2012
Tracked Since Feb 18, 2026