4 matches found
Mozilla Windows updater can be run outside of application directory — Mozilla
Security researcher Holger Fuhrmannek previously reported CVE-2015-0833, which was fixed in MFSA2015-12. That flaw allowed for the updater to load binary DLL format files from the local working directory or from the Windows temporary directories. During the fixing of CVE-2015-0833, the need to...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Mar 2015) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
CVE-2015-0833
CVE-2015-0833 affects Mozilla Firefox (pre-36.0), Firefox ESR (pre-31.x up to 31.5), and Thunderbird (pre-31.5) on Windows. It is a local privilege-escalation via untrusted search paths where a Trojan horse DLL (e.g., bcrypt.dll) in the current working directory or a temporary directory is loaded...
Firefox ESR 31.x < 31.5 Multiple Vulnerabilities
The version of Firefox ESR 31.x installed on the remote Windows host is prior to 31.5. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists related to the autocomplete feature that allows an attacker to read arbitrary files. CVE-2015-0822 ...