ByteOS Network

NVD Vulnerability Details :

CVE-2013-1715

Deferred

Source-security@mozilla.org

Published At-07 Aug, 2013 | 01:55

Updated At-11 Apr, 2025 | 00:51

Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory. NOTE: this issue exists because of an incomplete fix for CVE-2012-4206.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.9	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:C

CPE Matches

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

Evaluator Description

Per: http://cwe.mitre.org/data/definitions/426.html CWE-426 Untrusted Search Path

References

Hyperlink	Source	Resource
http://www.mozilla.org/security/announce/2013/mfsa2013-74.html	security@mozilla.org	Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=883165	security@mozilla.org	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18210	security@mozilla.org	N/A
http://www.mozilla.org/security/announce/2013/mfsa2013-74.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=883165	af854a3a-2127-422b-91ae-364da2661108	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18210	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History