CVE-2012-3974 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2012-3974 Interim 1 16 2023-12-08T02:50:00Z current 2021-05-30T13:05:33Z 2023-12-08T02:50:00Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2012-3974 Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2012-September/000253.html E-Mail link for SUSE-SU-2012:1167-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 MozillaFirefox-10.0.7-0.3.1 MozillaFirefox-branding-SLED-7-0.6.7.79 MozillaFirefox-branding-SLED-7-0.6.7.80 MozillaFirefox-translations-10.0.7-0.3.1 libfreebl3-3.13.6-0.5.1 libfreebl3-32bit-3.13.6-0.5.1 libfreebl3-x86-3.13.6-0.5.1 mozilla-nspr-32bit-4.9.2-0.6.1 mozilla-nspr-4.9.2-0.6.1 mozilla-nspr-devel-4.9.2-0.6.1 mozilla-nspr-x86-4.9.2-0.6.1 mozilla-nss-3.13.6-0.5.1 mozilla-nss-32bit-3.13.6-0.5.1 mozilla-nss-devel-3.13.6-0.5.1 mozilla-nss-tools-3.13.6-0.5.1 mozilla-nss-x86-3.13.6-0.5.1 MozillaFirefox-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 MozillaFirefox-branding-SLED-7-0.6.7.80 as a component of SUSE Linux Enterprise Desktop 11 SP2 MozillaFirefox-translations-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 libfreebl3-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 libfreebl3-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 mozilla-nspr-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 mozilla-nspr-32bit-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 mozilla-nss-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 mozilla-nss-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 mozilla-nss-tools-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Desktop 11 SP2 MozillaFirefox-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA MozillaFirefox-branding-SLED-7-0.6.7.79 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA MozillaFirefox-translations-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libfreebl3-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libfreebl3-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nspr-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nspr-32bit-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nss-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nss-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA mozilla-nss-tools-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA MozillaFirefox-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-branding-SLED-7-0.6.7.80 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-translations-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Server 11 SP2 libfreebl3-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 libfreebl3-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 libfreebl3-x86-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 mozilla-nspr-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 mozilla-nspr-32bit-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 mozilla-nspr-x86-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 mozilla-nss-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 mozilla-nss-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 mozilla-nss-tools-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 mozilla-nss-x86-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 MozillaFirefox-branding-SLED-7-0.6.7.80 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 MozillaFirefox-translations-10.0.7-0.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 libfreebl3-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 libfreebl3-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 libfreebl3-x86-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nspr-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nspr-32bit-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nspr-x86-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nss-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nss-32bit-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nss-tools-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nss-x86-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP2 mozilla-nspr-devel-4.9.2-0.6.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP2 mozilla-nss-devel-3.13.6-0.5.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP2 Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory. CVE-2012-3974 SUSE Linux Enterprise Desktop 11 SP2:MozillaFirefox-10.0.7-0.3.1 SUSE Linux Enterprise Desktop 11 SP2:MozillaFirefox-branding-SLED-7-0.6.7.80 SUSE Linux Enterprise Desktop 11 SP2:MozillaFirefox-translations-10.0.7-0.3.1 SUSE Linux Enterprise Desktop 11 SP2:libfreebl3-3.13.6-0.5.1 SUSE Linux Enterprise Desktop 11 SP2:libfreebl3-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Desktop 11 SP2:mozilla-nspr-4.9.2-0.6.1 SUSE Linux Enterprise Desktop 11 SP2:mozilla-nspr-32bit-4.9.2-0.6.1 SUSE Linux Enterprise Desktop 11 SP2:mozilla-nss-3.13.6-0.5.1 SUSE Linux Enterprise Desktop 11 SP2:mozilla-nss-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Desktop 11 SP2:mozilla-nss-tools-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:MozillaFirefox-10.0.7-0.3.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:MozillaFirefox-branding-SLED-7-0.6.7.79 SUSE Linux Enterprise Server 11 SP1-TERADATA:MozillaFirefox-translations-10.0.7-0.3.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:libfreebl3-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:libfreebl3-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nspr-4.9.2-0.6.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nspr-32bit-4.9.2-0.6.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nss-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nss-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:mozilla-nss-tools-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-10.0.7-0.3.1 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-branding-SLED-7-0.6.7.80 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-translations-10.0.7-0.3.1 SUSE Linux Enterprise Server 11 SP2:libfreebl3-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:libfreebl3-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:libfreebl3-x86-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:mozilla-nspr-4.9.2-0.6.1 SUSE Linux Enterprise Server 11 SP2:mozilla-nspr-32bit-4.9.2-0.6.1 SUSE Linux Enterprise Server 11 SP2:mozilla-nspr-x86-4.9.2-0.6.1 SUSE Linux Enterprise Server 11 SP2:mozilla-nss-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:mozilla-nss-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:mozilla-nss-tools-3.13.6-0.5.1 SUSE Linux Enterprise Server 11 SP2:mozilla-nss-x86-3.13.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:MozillaFirefox-10.0.7-0.3.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:MozillaFirefox-branding-SLED-7-0.6.7.80 SUSE Linux Enterprise Server for SAP Applications 11 SP2:MozillaFirefox-translations-10.0.7-0.3.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:libfreebl3-3.13.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:libfreebl3-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:libfreebl3-x86-3.13.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:mozilla-nspr-4.9.2-0.6.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:mozilla-nspr-32bit-4.9.2-0.6.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:mozilla-nspr-x86-4.9.2-0.6.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:mozilla-nss-3.13.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:mozilla-nss-32bit-3.13.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:mozilla-nss-tools-3.13.6-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11 SP2:mozilla-nss-x86-3.13.6-0.5.1 SUSE Linux Enterprise Software Development Kit 11 SP2:mozilla-nspr-devel-4.9.2-0.6.1 SUSE Linux Enterprise Software Development Kit 11 SP2:mozilla-nss-devel-3.13.6-0.5.1 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C