6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
13.6%
Security researcher Masato Kinugawa reported that if a crafted executable is placed in the root partition on a Windows file system, the Firefox and Thunderbird installer will launch this program after a standard installation instead of Firefox or Thunderbird, running this program with the userβs privileges.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 15 | |
firefox esr | lt | 10.0.7 | |
seamonkey | lt | 2.13.2 | |
thunderbird | lt | 16.0.2 | |
thunderbird esr | lt | 10.0.10 |