The maintenance service in Mozilla Firefox prior to 47.0 and Firefox ESR 45.x prior to 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox_esr 45.1.1 |
||
mozilla firefox_esr 45.1.0 |
||
mozilla firefox |