CVE-2013-1672

The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mozillaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
VendorProductVersion
mozillafirefox
𝑥
≤ 20.0.1
mozillafirefox
19.0
mozillafirefox
19.0.1
mozillafirefox
19.0.2
mozillafirefox
20.0
mozillafirefox
17.0
mozillafirefox
17.0.1
mozillafirefox
17.0.2
mozillafirefox
17.0.3
mozillafirefox
17.0.4
mozillafirefox
17.0.5
mozillathunderbird
𝑥
≤ 17.0.5
mozillathunderbird
17.0
mozillathunderbird
17.0.1
mozillathunderbird
17.0.2
mozillathunderbird
17.0.3
mozillathunderbird
17.0.4
mozillathunderbird_esr
𝑥
≤ 17.0.5
mozillathunderbird_esr
17.0
mozillathunderbird_esr
17.0.1
mozillathunderbird_esr
17.0.2
mozillathunderbird_esr
17.0.3
mozillathunderbird_esr
17.0.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
raring
not-affected
quantal
not-affected
precise
not-affected
lucid
ignored
thunderbird
raring
not-affected
quantal
not-affected
precise
not-affected
lucid
ignored
Common Weakness Enumeration
References
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
https://bugzilla.mozilla.org/show_bug.cgi?id=850492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
https://bugzilla.mozilla.org/show_bug.cgi?id=850492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915