CVE-2013-1715

Mozilla Firefox <23.0 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory. NOTE: this issue exists because of an incomplete fix for CVE-2012-4206.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18210
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=883165

Scores

EPSS 0.0041
EPSS Percentile 33.6%

Details

Status published
Products (7)
mozilla/firefox 19.0
mozilla/firefox 19.0.1
mozilla/firefox 19.0.2
mozilla/firefox 20.0
mozilla/firefox 20.0.1
mozilla/firefox 21.0
mozilla/firefox < 22.0
Published Aug 07, 2013
Tracked Since Feb 18, 2026