CVE-2013-1700
Firefox < 21.0 - Privilege Escalation via Trojan Horse Executable
Title source: llmDescription
The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17126
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=867056
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2013/mfsa2013-62.html
Scores
EPSS
0.0037
EPSS Percentile
29.3%
Details
CWE
CWE-264
Status
published
Products (6)
mozilla/firefox
19.0
mozilla/firefox
19.0.1
mozilla/firefox
19.0.2
mozilla/firefox
20.0
mozilla/firefox
20.0.1
mozilla/firefox
< 21.0
Published
Jun 26, 2013
Tracked Since
Feb 18, 2026