PT-2011-4219 · Mozilla · Thunderbird+1

Mitja Kolsek

Publicado

2011-08-18

Atualizado

2017-09-19

CVE-2011-2980

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.6.20 Thunderbird versions prior to 3.1.12

Description The issue allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running process. This is due to an untrusted search path vulnerability in the ThinkPadSensor::Startup function.

Recommendations For Mozilla Firefox versions prior to 3.6.20, update to version 3.6.20 or later. For Thunderbird versions prior to 3.1.12, update to version 3.1.12 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2011-2980

Produtos afetados

Firefox

Thunderbird

PT-2011-4219 · Mozilla · Thunderbird+1

CVE-2011-2980

Identificadores relacionados

Produtos afetados

Referências · 7