Lucene search

K

MozillaCVELIST:CVE-2013-1726

HistorySep 18, 2013 - 10:00 a.m.

CVE-2013-1726

2013-09-1810:00:00

mozilla

www.cve.org

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

44.0%

Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating a Trojan horse file after MAR signature verification but before MAR use.

References

lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html

lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html

lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html

www.mozilla.org/security/announce/2013/mfsa2013-83.html

bugzilla.mozilla.org/show_bug.cgi?id=890853

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18821

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

44.0%

Related for CVELIST:CVE-2013-1726

prion1 cve1 openvas13 mozilla1 nvd1 nessus15 suse1 freebsd1 securityvulns1 gentoo1