Race condition in the Mozilla Maintenance Service in Mozilla Firefox prior to 40.0 and Firefox ESR 38.x prior to 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla firefox_esr 38.0 |
||
mozilla firefox_esr 38.0.1 |
||
mozilla firefox_esr 38.0.5 |
||
mozilla firefox_esr 38.1.0 |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |
||
oracle solaris 11.3 |