Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2012-3974

Published: 29/08/2012 Updated: 19/09/2017
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

Untrusted search path vulnerability in the installer in Mozilla Firefox prior to 15.0, Firefox ESR 10.x prior to 10.0.7, Thunderbird prior to 15.0, and Thunderbird ESR 10.x prior to 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory.

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox 11.0

mozilla firefox 10.0.2

mozilla firefox 7.0

mozilla firefox 6.0.2

mozilla firefox 4.0

mozilla firefox 3.6.23

mozilla firefox 3.0

mozilla firefox 3.6.6

mozilla firefox 3.0.17

mozilla firefox 3.6.17

mozilla firefox 3.0.9

mozilla firefox 3.5.9

mozilla firefox 3.5.10

mozilla firefox 3.6.21

mozilla firefox 3.0.3

mozilla firefox 3.5.13

mozilla firefox 3.6.16

mozilla firefox 3.6.14

mozilla firefox 3.5.15

mozilla firefox 3.5.4

mozilla firefox 3.5.6

mozilla firefox 2.0.0.17

mozilla firefox 2.0.0.10

mozilla firefox 2.0.0.4

mozilla firefox 2.0.0.3

mozilla firefox 1.0

mozilla firefox 1.0.3

mozilla firefox 1.0.8

mozilla firefox 1.4.1

mozilla firefox 1.5.0.1

mozilla firefox 1.5.0.10

mozilla firefox 1.5.0.6

mozilla firefox 1.5.0.7

mozilla firefox 1.5

mozilla firefox 12.0

mozilla firefox 8.0.1

mozilla firefox 7.0.1

mozilla firefox 4.0.1

mozilla firefox 3.6.3

mozilla firefox 3.0.5

mozilla firefox 3.6.8

mozilla firefox 3.6.18

mozilla firefox 3.0.16

mozilla firefox 3.5.2

mozilla firefox 3.6.4

mozilla firefox 3.6.20

mozilla firefox 3.5.14

mozilla firefox 3.5.12

mozilla firefox 3.0.12

mozilla firefox

mozilla firefox 13.0

mozilla firefox 9.0.1

mozilla firefox 9.0

mozilla firefox 8.0

mozilla firefox 5.0.1

mozilla firefox 5.0

mozilla firefox 3.6.25

mozilla firefox 3.6.24

mozilla firefox 3.6.19

mozilla firefox 3.6.12

mozilla firefox 3.0.7

mozilla firefox 3.5.8

mozilla firefox 3.0.2

mozilla firefox 3.0.14

mozilla firefox 3.6.2

mozilla firefox 3.6.11

mozilla firefox 3.0.11

mozilla firefox 3.6.9

mozilla firefox 3.0.8

mozilla firefox 3.0.4

mozilla firefox 2.0.0.12

mozilla firefox 2.0.0.19

mozilla firefox 2.0.0.15

mozilla firefox 2.0.0.7

mozilla firefox 2.0.0.8

mozilla firefox 2.0.0.13

mozilla firefox 1.0.4

mozilla firefox 1.0.7

mozilla firefox 1.5.0.5

mozilla firefox 1.5.0.2

mozilla firefox 1.5.0.3

mozilla firefox 1.5.1

mozilla firefox 1.5.2

mozilla firefox 1.5.8

mozilla firefox 1.5.7

mozilla firefox 3.6.15

mozilla firefox 3.0.13

mozilla firefox 3.5.3

mozilla firefox 2.0.0.20

mozilla firefox 2.0.0.9

mozilla firefox 2.0

mozilla firefox 2.0.0.6

mozilla firefox 2.0.0.5

mozilla firefox 2.0.0.18

mozilla firefox 1.0.1

mozilla firefox 1.0.6

mozilla firefox 1.5.0.11

mozilla firefox 1.5.0.12

mozilla firefox 1.5.0.8

mozilla firefox 1.5.0.9

mozilla firefox 1.5.6

mozilla firefox 1.5.5

mozilla firefox 10.0

mozilla firefox 10.0.1

mozilla firefox 6.0.1

mozilla firefox 6.0

mozilla firefox 3.0.1

mozilla firefox 3.6.13

mozilla firefox 3.5.7

mozilla firefox 3.6.7

mozilla firefox 3.5.11

mozilla firefox 3.5.5

mozilla firefox 3.0.15

mozilla firefox 3.6

mozilla firefox 3.6.22

mozilla firefox 3.6.10

mozilla firefox 3.5.1

mozilla firefox 3.0.6

mozilla firefox 3.0.10

mozilla firefox 3.5

mozilla firefox 2.0.0.14

mozilla firefox 2.0.0.16

mozilla firefox 2.0.0.11

mozilla firefox 2.0.0.2

mozilla firefox 2.0.0.1

mozilla firefox 1.0.2

mozilla firefox 1.0.5

mozilla firefox 1.5.0.4

mozilla firefox 1.5.3

mozilla firefox 1.5.4

mozilla firefox 1.8

mozilla firefox_esr 10.0.6

mozilla firefox_esr 10.0.2

mozilla firefox_esr 10.0.3

mozilla firefox_esr 10.0.4

mozilla firefox_esr 10.0.5

mozilla firefox_esr 10.0

mozilla firefox_esr 10.0.1

mozilla thunderbird 11.0

mozilla thunderbird 10.0.2

mozilla thunderbird 8.0

mozilla thunderbird 7.0.1

mozilla thunderbird 7.0

mozilla thunderbird 3.1.14

mozilla thunderbird 3.1.13

mozilla thunderbird 3.1

mozilla thunderbird

mozilla thunderbird 10.0.1

mozilla thunderbird 10.0

mozilla thunderbird 6.0.2

mozilla thunderbird 5.0

mozilla thunderbird 3.1.6

mozilla thunderbird 3.1.2

mozilla thunderbird 3.1.11

mozilla thunderbird 3.1.19

mozilla thunderbird 3.0.8

mozilla thunderbird 3.0.7

mozilla thunderbird 3.1.17

mozilla thunderbird 2.0.0.1

mozilla thunderbird 2.0.0.8

mozilla thunderbird 2.0.0.7

mozilla thunderbird 2.0.0.6

mozilla thunderbird 2.0.0.12

mozilla thunderbird 1.5.0.9

mozilla thunderbird 1.5.0.8

mozilla thunderbird 1.0.2

mozilla thunderbird 1.0.3

mozilla thunderbird 1.0.4

mozilla thunderbird 1.5.0.10

mozilla thunderbird 1.5.0.11

mozilla thunderbird 1.5

mozilla thunderbird 1.7.1

mozilla thunderbird 3.1.8

mozilla thunderbird 3.0

mozilla thunderbird 3.0.5

mozilla thunderbird 3.0.2

mozilla thunderbird 3.0.11

mozilla thunderbird 3.1.5

mozilla thunderbird 2.0.0.2

mozilla thunderbird 2.0.0.19

mozilla thunderbird 2.0.0.15

mozilla thunderbird 2.0.0.14

mozilla thunderbird 2.0.0.13

mozilla thunderbird 2.0.0.22

mozilla thunderbird 1.0.6

mozilla thunderbird 1.0.7

mozilla thunderbird 1.5.0.4

mozilla thunderbird 1.5.0.6

mozilla thunderbird 1.5.0.12

mozilla thunderbird 1.5.0.5

mozilla thunderbird 1.0.1

mozilla thunderbird 13.0

mozilla thunderbird 12.0

mozilla thunderbird 9.0.1

mozilla thunderbird 9.0

mozilla thunderbird 3.1.15

mozilla thunderbird 3.1.16

mozilla thunderbird 3.0.6

mozilla thunderbird 3.1.1

mozilla thunderbird 3.1.18

mozilla thunderbird 3.0.4

mozilla thunderbird 3.1.4

mozilla thunderbird 3.1.3

mozilla thunderbird 2.0.0.0

mozilla thunderbird 2.0.0.3

mozilla thunderbird 2.0.0.20

mozilla thunderbird 2.0.0.21

mozilla thunderbird 2.0.0.16

mozilla thunderbird 2.0.0.11

mozilla thunderbird 2.0

mozilla thunderbird 1.5.2

mozilla thunderbird 1.5.1

mozilla thunderbird 1.0.5

mozilla thunderbird 1.5.0.3

mozilla thunderbird 1.5.0.2

mozilla thunderbird 1.7.3

mozilla thunderbird 1.0

mozilla thunderbird 10.0.3

mozilla thunderbird 10.0.4

mozilla thunderbird 6.0

mozilla thunderbird 6.0.1

mozilla thunderbird 3.1.12

mozilla thunderbird 3.1.7

mozilla thunderbird 3.1.10

mozilla thunderbird 3.1.9

mozilla thunderbird 3.0.3

mozilla thunderbird 3.0.1

mozilla thunderbird 3.0.9

mozilla thunderbird 3.0.10

mozilla thunderbird 2.0.0.5

mozilla thunderbird 2.0.0.4

mozilla thunderbird 2.0.0.17

mozilla thunderbird 2.0.0.9

mozilla thunderbird 2.0.0.23

mozilla thunderbird 2.0.0.18

mozilla thunderbird 1.0.8

mozilla thunderbird 1.5.0.7

mozilla thunderbird 1.5.0.1

mozilla thunderbird 1.5.0.13

mozilla thunderbird 1.5.0.14

mozilla thunderbird_esr 10.0

mozilla thunderbird_esr 10.0.1

mozilla thunderbird_esr 10.0.4

mozilla thunderbird_esr 10.0.5

mozilla thunderbird_esr 10.0.2

mozilla thunderbird_esr 10.0.3

mozilla thunderbird_esr 10.0.6

Vendor Advisories

Mozilla: Installer will launch incorrect executable following new installation
Mozilla Foundation Security Advisory 2012-67 Installer will launch incorrect executable following new installation Announced August 28, 2012 Reporter Masato Kinugawa Impact Moderate Products Firefox, Firefox ESR, SeaMonkey, T ...

References

CWE-399http://www.mozilla.org/security/announce/2012/mfsa2012-67.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=770478http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.htmlhttp://www.securityfocus.com/bid/55312http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16692https://nvd.nist.govhttps://www.mozilla.org/en-US/security/advisories/mfsa2012-67/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook