← Back

CVE-2013-1672

nvd nist
Published: May 16, 2013Modified: Apr 29, 2026

JSON object

Loading...
6.9
Vector
AV:L/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 3.4 / Impact: 10.0
Source: NVD

Description

The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.

Affected (23)

Mozilla
3 products
Firefox
Thunderbird
Thunderbird Esr
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Firefox
Up to 20.0.1
Firefox
Version 19.0.1
Firefox
Version 19.0.2
Firefox
Version 19.0
Firefox
Version 20.0
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Firefox
Version 17.0.1
Firefox
Version 17.0.2
Firefox
Version 17.0.3
Firefox
Version 17.0.4
Firefox
Version 17.0.5
Firefox
Version 17.0
Configuration C
6 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Thunderbird
Up to 17.0.5
Thunderbird
Version 17.0.1
Thunderbird
Version 17.0.2
Thunderbird
Version 17.0.3
Thunderbird
Version 17.0.4
Thunderbird
Version 17.0
Configuration D
6 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mozilla
Thunderbird Esr
Up to 17.0.5
Thunderbird Esr
Version 17.0.1
Thunderbird Esr
Version 17.0.2
Thunderbird Esr
Version 17.0.3
Thunderbird Esr
Version 17.0.4
Thunderbird Esr
Version 17.0
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-264
CWE-264

References (6)

Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Source: security@mozilla.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.