CVE-2013-1700

The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mozillaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
mozillafirefox
𝑥
≤ 21.0
mozillafirefox
19.0
mozillafirefox
19.0.1
mozillafirefox
19.0.2
mozillafirefox
20.0
mozillafirefox
20.0.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
raring
not-affected
quantal
not-affected
precise
not-affected
lucid
ignored
Common Weakness Enumeration
References
http://www.mozilla.org/security/announce/2013/mfsa2013-62.html
https://bugzilla.mozilla.org/show_bug.cgi?id=867056
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17126
http://www.mozilla.org/security/announce/2013/mfsa2013-62.html
https://bugzilla.mozilla.org/show_bug.cgi?id=867056
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17126