CVE-2013-1712 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-1712 Interim 1 18 2023-12-08T02:42:16Z current 2021-05-30T13:10:23Z 2023-12-08T02:42:16Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-1712 Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2013-August/000587.html E-Mail link for SUSE-SU-2013:1382-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 MozillaFirefox-17.0.8esr-0.4.2.1 MozillaFirefox-17.0.8esr-0.7.2 MozillaFirefox-devel-17.0.8esr-0.7.2 MozillaFirefox-translations-17.0.8esr-0.4.2.1 MozillaFirefox-translations-17.0.8esr-0.7.2 libfreebl3-3.13.5-0.4.2 libfreebl3-32bit-3.13.5-0.4.2 mozilla-nspr-32bit-4.9.1-0.5.1 mozilla-nspr-4.9.1-0.5.1 mozilla-nss-3.13.5-0.4.2 mozilla-nss-32bit-3.13.5-0.4.2 mozilla-nss-tools-3.13.5-0.4.2 mozilla-xulrunner191-1.9.1.11-0.1.1 mozilla-xulrunner191-32bit-1.9.1.11-0.1.1 mozilla-xulrunner191-gnomevfs-1.9.1.11-0.1.1 mozilla-xulrunner191-translations-1.9.1.11-0.1.1 mozilla-xulrunner192-1.9.2.24-0.3.1 mozilla-xulrunner192-32bit-1.9.2.24-0.3.1 mozilla-xulrunner192-gnome-1.9.2.24-0.3.1 mozilla-xulrunner192-translations-1.9.2.24-0.3.1 MozillaFirefox-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 MozillaFirefox-translations-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 MozillaFirefox-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Desktop 11 SP3 MozillaFirefox-translations-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Desktop 11 SP3 MozillaFirefox-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA MozillaFirefox-translations-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libfreebl3-3.13.5-0.4.2 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libfreebl3-32bit-3.13.5-0.4.2 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nspr-4.9.1-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nspr-32bit-4.9.1-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nss-3.13.5-0.4.2 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nss-32bit-3.13.5-0.4.2 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nss-tools-3.13.5-0.4.2 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner191-1.9.1.11-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner191-32bit-1.9.1.11-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner191-gnomevfs-1.9.1.11-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner191-translations-1.9.1.11-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner192-1.9.2.24-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner192-32bit-1.9.2.24-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner192-gnome-1.9.2.24-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-xulrunner192-translations-1.9.2.24-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA MozillaFirefox-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-translations-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-translations-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA MozillaFirefox-translations-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA MozillaFirefox-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 MozillaFirefox-translations-17.0.8esr-0.4.2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 MozillaFirefox-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 MozillaFirefox-translations-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 MozillaFirefox-devel-17.0.8esr-0.7.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory. CVE-2013-1712 SUSE Linux Enterprise Desktop 11 SP2:MozillaFirefox-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Desktop 11 SP2:MozillaFirefox-translations-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-17.0.8esr-0.7.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-17.0.8esr-0.7.2 SUSE Linux Enterprise Server 11 SP1-TERADATA:MozillaFirefox-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:MozillaFirefox-translations-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:libfreebl3-3.13.5-0.4.2 SUSE Linux Enterprise Server 11 SP1-TERADATA:libfreebl3-32bit-3.13.5-0.4.2 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nspr-4.9.1-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nspr-32bit-4.9.1-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nss-3.13.5-0.4.2 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nss-32bit-3.13.5-0.4.2 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nss-tools-3.13.5-0.4.2 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner191-1.9.1.11-0.1.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner191-32bit-1.9.1.11-0.1.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner191-gnomevfs-1.9.1.11-0.1.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner191-translations-1.9.1.11-0.1.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner192-1.9.2.24-0.3.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner192-32bit-1.9.2.24-0.3.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner192-gnome-1.9.2.24-0.3.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-xulrunner192-translations-1.9.2.24-0.3.1 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-translations-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-17.0.8esr-0.7.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-17.0.8esr-0.7.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-17.0.8esr-0.7.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-17.0.8esr-0.7.2 SUSE Linux Enterprise Server for SAP Applications 11 SP2:MozillaFirefox-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:MozillaFirefox-translations-17.0.8esr-0.4.2.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-17.0.8esr-0.7.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-17.0.8esr-0.7.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-17.0.8esr-0.7.2 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C