CVE-2013-1672

The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.

Published: May 16, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-1672
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
mozilla / firefox	-	20.0.1.x
mozilla / firefox	19.0	19.0.x
mozilla / firefox	19.0.1	19.0.1.x
mozilla / firefox	19.0.2	19.0.2.x
mozilla / firefox	20.0	20.0.x
mozilla / firefox_esr	17.0	17.0.x
mozilla / firefox_esr	17.0.1	17.0.1.x
mozilla / firefox_esr	17.0.2	17.0.2.x
mozilla / firefox_esr	17.0.3	17.0.3.x
mozilla / firefox_esr	17.0.4	17.0.4.x
mozilla / firefox_esr	17.0.5	17.0.5.x
mozilla / thunderbird	-	17.0.5.x
mozilla / thunderbird	17.0	17.0.x
mozilla / thunderbird	17.0.1	17.0.1.x
mozilla / thunderbird	17.0.2	17.0.2.x
mozilla / thunderbird	17.0.3	17.0.3.x
mozilla / thunderbird	17.0.4	17.0.4.x
mozilla / thunderbird_esr	-	17.0.5.x
mozilla / thunderbird_esr	17.0	17.0.x
mozilla / thunderbird_esr	17.0.1	17.0.1.x
mozilla / thunderbird_esr	17.0.2	17.0.2.x
mozilla / thunderbird_esr	17.0.3	17.0.3.x
mozilla / thunderbird_esr	17.0.4	17.0.4.x

Vulnerability Database

289,697

CVE-2013-1672