PT-2013-3308 · Mozilla+1 · Firefox+1
Published
2013-05-16
·
Updated
2017-09-19
·
CVE-2013-1673
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Mozilla Firefox versions prior to 21.0
Description
The issue arises from the Mozilla Updater in Mozilla Firefox not properly maintaining Mozilla Maintenance Service registry entries during upgrades from older versions. This allows local users with write access to a "trusted path" to gain privileges.
Recommendations
For versions prior to 21.0, update to version 21.0 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Firefox
Suse