CVE-2013-0797
First published: Wed Apr 03 2013(Updated: )
Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <=19.0.2 | |
| Mozilla Firefox | =19.0 | |
| Mozilla Firefox | =19.0.1 | |
| Mozilla Firefox | =17.0 | |
| Mozilla Firefox | =17.0.1 | |
| Mozilla Firefox | =17.0.2 | |
| Mozilla Firefox | =17.0.3 | |
| Mozilla Firefox | =17.0.4 | |
| Mozilla Thunderbird | =17.0 | |
| Mozilla Thunderbird | =17.0.1 | |
| Mozilla Thunderbird | =17.0.2 | |
| Mozilla Thunderbird | =17.0.3 | |
| Mozilla Thunderbird | =17.0.4 | |
| Mozilla Thunderbird ESR | =17.0 | |
| Mozilla Thunderbird ESR | =17.0.1 | |
| Mozilla Thunderbird ESR | =17.0.2 | |
| Mozilla Thunderbird ESR | =17.0.3 | |
| Mozilla Thunderbird ESR | =17.0.4 | |
| Mozilla SeaMonkey | <=2.17 | |
| Mozilla SeaMonkey | =2.0 | |
| Mozilla SeaMonkey | =2.0-alpha_1 | |
| Mozilla SeaMonkey | =2.0-alpha_2 | |
| Mozilla SeaMonkey | =2.0-alpha_3 | |
| Mozilla SeaMonkey | =2.0-beta_1 | |
| Mozilla SeaMonkey | =2.0-beta_2 | |
| Mozilla SeaMonkey | =2.0-rc1 | |
| Mozilla SeaMonkey | =2.0-rc2 | |
| Mozilla SeaMonkey | =2.0.1 | |
| Mozilla SeaMonkey | =2.0.2 | |
| Mozilla SeaMonkey | =2.0.3 | |
| Mozilla SeaMonkey | =2.0.4 | |
| Mozilla SeaMonkey | =2.0.5 | |
| Mozilla SeaMonkey | =2.0.6 | |
| Mozilla SeaMonkey | =2.0.7 | |
| Mozilla SeaMonkey | =2.0.8 | |
| Mozilla SeaMonkey | =2.0.9 | |
| Mozilla SeaMonkey | =2.0.10 | |
| Mozilla SeaMonkey | =2.0.11 | |
| Mozilla SeaMonkey | =2.0.12 | |
| Mozilla SeaMonkey | =2.0.13 | |
| Mozilla SeaMonkey | =2.0.14 | |
| Mozilla SeaMonkey | =2.1 | |
| Mozilla SeaMonkey | =2.1-alpha1 | |
| Mozilla SeaMonkey | =2.1-alpha2 | |
| Mozilla SeaMonkey | =2.1-alpha3 | |
| Mozilla SeaMonkey | =2.1-beta1 | |
| Mozilla SeaMonkey | =2.1-beta2 | |
| Mozilla SeaMonkey | =2.1-beta3 | |
| Mozilla SeaMonkey | =2.1-rc1 | |
| Mozilla SeaMonkey | =2.1-rc2 | |
| Mozilla SeaMonkey | =2.2 | |
| Mozilla SeaMonkey | =2.2-beta1 | |
| Mozilla SeaMonkey | =2.2-beta2 | |
| Mozilla SeaMonkey | =2.2-beta3 | |
| Mozilla SeaMonkey | =2.3 | |
| Mozilla SeaMonkey | =2.3-beta1 | |
| Mozilla SeaMonkey | =2.3-beta2 | |
| Mozilla SeaMonkey | =2.3-beta3 | |
| Mozilla SeaMonkey | =2.3.1 | |
| Mozilla SeaMonkey | =2.3.2 | |
| Mozilla SeaMonkey | =2.3.3 | |
| Mozilla SeaMonkey | =2.4 | |
| Mozilla SeaMonkey | =2.4-beta1 | |
| Mozilla SeaMonkey | =2.4-beta2 | |
| Mozilla SeaMonkey | =2.4-beta3 | |
| Mozilla SeaMonkey | =2.4.1 | |
| Mozilla SeaMonkey | =2.5 | |
| Mozilla SeaMonkey | =2.5-beta1 | |
| Mozilla SeaMonkey | =2.5-beta2 | |
| Mozilla SeaMonkey | =2.5-beta3 | |
| Mozilla SeaMonkey | =2.5-beta4 | |
| Mozilla SeaMonkey | =2.6 | |
| Mozilla SeaMonkey | =2.6-beta1 | |
| Mozilla SeaMonkey | =2.6-beta2 | |
| Mozilla SeaMonkey | =2.6-beta3 | |
| Mozilla SeaMonkey | =2.6-beta4 | |
| Mozilla SeaMonkey | =2.6.1 | |
| Mozilla SeaMonkey | =2.7 | |
| Mozilla SeaMonkey | =2.7-beta1 | |
| Mozilla SeaMonkey | =2.7-beta2 | |
| Mozilla SeaMonkey | =2.7-beta3 | |
| Mozilla SeaMonkey | =2.7-beta4 | |
| Mozilla SeaMonkey | =2.7-beta5 | |
| Mozilla SeaMonkey | =2.7.1 | |
| Mozilla SeaMonkey | =2.7.2 | |
| Mozilla SeaMonkey | =2.8 | |
| Mozilla SeaMonkey | =2.8-beta1 | |
| Mozilla SeaMonkey | =2.8-beta2 | |
| Mozilla SeaMonkey | =2.8-beta3 | |
| Mozilla SeaMonkey | =2.8-beta4 | |
| Mozilla SeaMonkey | =2.8-beta5 | |
| Mozilla SeaMonkey | =2.8-beta6 | |
| Mozilla SeaMonkey | =2.9 | |
| Mozilla SeaMonkey | =2.9-beta1 | |
| Mozilla SeaMonkey | =2.9-beta2 | |
| Mozilla SeaMonkey | =2.9-beta3 | |
| Mozilla SeaMonkey | =2.9-beta4 | |
| Mozilla SeaMonkey | =2.9.1 | |
| Mozilla SeaMonkey | =2.10 | |
| Mozilla SeaMonkey | =2.10-beta1 | |
| Mozilla SeaMonkey | =2.10-beta2 | |
| Mozilla SeaMonkey | =2.10-beta3 | |
| Mozilla SeaMonkey | =2.10.1 | |
| Mozilla SeaMonkey | =2.11 | |
| Mozilla SeaMonkey | =2.11-beta1 | |
| Mozilla SeaMonkey | =2.11-beta2 | |
| Mozilla SeaMonkey | =2.11-beta3 | |
| Mozilla SeaMonkey | =2.11-beta4 | |
| Mozilla SeaMonkey | =2.11-beta5 | |
| Mozilla SeaMonkey | =2.11-beta6 | |
| Mozilla SeaMonkey | =2.12 | |
| Mozilla SeaMonkey | =2.12-beta1 | |
| Mozilla SeaMonkey | =2.12-beta2 | |
| Mozilla SeaMonkey | =2.12-beta3 | |
| Mozilla SeaMonkey | =2.12-beta4 | |
| Mozilla SeaMonkey | =2.12-beta5 | |
| Mozilla SeaMonkey | =2.12-beta6 | |
| Mozilla SeaMonkey | =2.12.1 | |
| Mozilla SeaMonkey | =2.13 | |
| Mozilla SeaMonkey | =2.13-beta1 | |
| Mozilla SeaMonkey | =2.13-beta2 | |
| Mozilla SeaMonkey | =2.13-beta3 | |
| Mozilla SeaMonkey | =2.13-beta4 | |
| Mozilla SeaMonkey | =2.13-beta5 | |
| Mozilla SeaMonkey | =2.13-beta6 | |
| Mozilla SeaMonkey | =2.13.1 | |
| Mozilla SeaMonkey | =2.13.2 | |
| Mozilla SeaMonkey | =2.14 | |
| Mozilla SeaMonkey | =2.14-beta1 | |
| Mozilla SeaMonkey | =2.14-beta2 | |
| Mozilla SeaMonkey | =2.14-beta3 | |
| Mozilla SeaMonkey | =2.14-beta4 | |
| Mozilla SeaMonkey | =2.14-beta5 | |
| Mozilla SeaMonkey | =2.15 | |
| Mozilla SeaMonkey | =2.15-beta1 | |
| Mozilla SeaMonkey | =2.15-beta2 | |
| Mozilla SeaMonkey | =2.15-beta3 | |
| Mozilla SeaMonkey | =2.15-beta4 | |
| Mozilla SeaMonkey | =2.15-beta5 | |
| Mozilla SeaMonkey | =2.15-beta6 | |
| Mozilla SeaMonkey | =2.15.1 | |
| Mozilla SeaMonkey | =2.15.2 | |
| Mozilla SeaMonkey | =2.16 | |
| Mozilla SeaMonkey | =2.16-beta1 | |
| Mozilla SeaMonkey | =2.16-beta2 | |
| Mozilla SeaMonkey | =2.16-beta3 | |
| Mozilla SeaMonkey | =2.16-beta4 | |
| Mozilla SeaMonkey | =2.16-beta5 | |
| Mozilla SeaMonkey | =2.16.1 | |
| Mozilla SeaMonkey | =2.16.2 | |
| Mozilla SeaMonkey | =2.17-beta1 | |
| Mozilla SeaMonkey | =2.17-beta2 | |
| Mozilla SeaMonkey | =2.17-beta3 | |
| Mozilla Firefox ESR | =17.0 | |
| Mozilla Firefox ESR | =17.0.1 | |
| Mozilla Firefox ESR | =17.0.2 | |
| Mozilla Firefox ESR | =17.0.3 | |
| Mozilla Firefox ESR | =17.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-34.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=830134
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17146
- agent/type
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/first-publish-date
- agent/author
- agent/last-modified-date
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/source
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/19.0.2
- version/mozilla firefox/19.0
- version/mozilla firefox/19.0.1
- version/mozilla firefox/17.0
- version/mozilla firefox/17.0.1
- version/mozilla firefox/17.0.2
- version/mozilla firefox/17.0.3
- version/mozilla firefox/17.0.4
- canonical/mozilla thunderbird
- version/mozilla thunderbird/17.0
- version/mozilla thunderbird/17.0.1
- version/mozilla thunderbird/17.0.2
- version/mozilla thunderbird/17.0.3
- version/mozilla thunderbird/17.0.4
- canonical/mozilla thunderbird esr
- version/mozilla thunderbird esr/17.0
- version/mozilla thunderbird esr/17.0.1
- version/mozilla thunderbird esr/17.0.2
- version/mozilla thunderbird esr/17.0.3
- version/mozilla thunderbird esr/17.0.4
- canonical/mozilla seamonkey
- version/mozilla seamonkey/2.17
- version/mozilla seamonkey/2.0
- version/mozilla seamonkey/2.0-alpha_1
- version/mozilla seamonkey/2.0-alpha_2
- version/mozilla seamonkey/2.0-alpha_3
- version/mozilla seamonkey/2.0-beta_1
- version/mozilla seamonkey/2.0-beta_2
- version/mozilla seamonkey/2.0-rc1
- version/mozilla seamonkey/2.0-rc2
- version/mozilla seamonkey/2.0.1
- version/mozilla seamonkey/2.0.2
- version/mozilla seamonkey/2.0.3
- version/mozilla seamonkey/2.0.4
- version/mozilla seamonkey/2.0.5
- version/mozilla seamonkey/2.0.6
- version/mozilla seamonkey/2.0.7
- version/mozilla seamonkey/2.0.8
- version/mozilla seamonkey/2.0.9
- version/mozilla seamonkey/2.0.10
- version/mozilla seamonkey/2.0.11
- version/mozilla seamonkey/2.0.12
- version/mozilla seamonkey/2.0.13
- version/mozilla seamonkey/2.0.14
- version/mozilla seamonkey/2.1
- version/mozilla seamonkey/2.1-alpha1
- version/mozilla seamonkey/2.1-alpha2
- version/mozilla seamonkey/2.1-alpha3
- version/mozilla seamonkey/2.1-beta1
- version/mozilla seamonkey/2.1-beta2
- version/mozilla seamonkey/2.1-beta3
- version/mozilla seamonkey/2.1-rc1
- version/mozilla seamonkey/2.1-rc2
- version/mozilla seamonkey/2.2
- version/mozilla seamonkey/2.2-beta1
- version/mozilla seamonkey/2.2-beta2
- version/mozilla seamonkey/2.2-beta3
- version/mozilla seamonkey/2.3
- version/mozilla seamonkey/2.3-beta1
- version/mozilla seamonkey/2.3-beta2
- version/mozilla seamonkey/2.3-beta3
- version/mozilla seamonkey/2.3.1
- version/mozilla seamonkey/2.3.2
- version/mozilla seamonkey/2.3.3
- version/mozilla seamonkey/2.4
- version/mozilla seamonkey/2.4-beta1
- version/mozilla seamonkey/2.4-beta2
- version/mozilla seamonkey/2.4-beta3
- version/mozilla seamonkey/2.4.1
- version/mozilla seamonkey/2.5
- version/mozilla seamonkey/2.5-beta1
- version/mozilla seamonkey/2.5-beta2
- version/mozilla seamonkey/2.5-beta3
- version/mozilla seamonkey/2.5-beta4
- version/mozilla seamonkey/2.6
- version/mozilla seamonkey/2.6-beta1
- version/mozilla seamonkey/2.6-beta2
- version/mozilla seamonkey/2.6-beta3
- version/mozilla seamonkey/2.6-beta4
- version/mozilla seamonkey/2.6.1
- version/mozilla seamonkey/2.7
- version/mozilla seamonkey/2.7-beta1
- version/mozilla seamonkey/2.7-beta2
- version/mozilla seamonkey/2.7-beta3
- version/mozilla seamonkey/2.7-beta4
- version/mozilla seamonkey/2.7-beta5
- version/mozilla seamonkey/2.7.1
- version/mozilla seamonkey/2.7.2
- version/mozilla seamonkey/2.8
- version/mozilla seamonkey/2.8-beta1
- version/mozilla seamonkey/2.8-beta2
- version/mozilla seamonkey/2.8-beta3
- version/mozilla seamonkey/2.8-beta4
- version/mozilla seamonkey/2.8-beta5
- version/mozilla seamonkey/2.8-beta6
- version/mozilla seamonkey/2.9
- version/mozilla seamonkey/2.9-beta1
- version/mozilla seamonkey/2.9-beta2
- version/mozilla seamonkey/2.9-beta3
- version/mozilla seamonkey/2.9-beta4
- version/mozilla seamonkey/2.9.1
- version/mozilla seamonkey/2.10
- version/mozilla seamonkey/2.10-beta1
- version/mozilla seamonkey/2.10-beta2
- version/mozilla seamonkey/2.10-beta3
- version/mozilla seamonkey/2.10.1
- version/mozilla seamonkey/2.11
- version/mozilla seamonkey/2.11-beta1
- version/mozilla seamonkey/2.11-beta2
- version/mozilla seamonkey/2.11-beta3
- version/mozilla seamonkey/2.11-beta4
- version/mozilla seamonkey/2.11-beta5
- version/mozilla seamonkey/2.11-beta6
- version/mozilla seamonkey/2.12
- version/mozilla seamonkey/2.12-beta1
- version/mozilla seamonkey/2.12-beta2
- version/mozilla seamonkey/2.12-beta3
- version/mozilla seamonkey/2.12-beta4
- version/mozilla seamonkey/2.12-beta5
- version/mozilla seamonkey/2.12-beta6
- version/mozilla seamonkey/2.12.1
- version/mozilla seamonkey/2.13
- version/mozilla seamonkey/2.13-beta1
- version/mozilla seamonkey/2.13-beta2
- version/mozilla seamonkey/2.13-beta3
- version/mozilla seamonkey/2.13-beta4
- version/mozilla seamonkey/2.13-beta5
- version/mozilla seamonkey/2.13-beta6
- version/mozilla seamonkey/2.13.1
- version/mozilla seamonkey/2.13.2
- version/mozilla seamonkey/2.14
- version/mozilla seamonkey/2.14-beta1
- version/mozilla seamonkey/2.14-beta2
- version/mozilla seamonkey/2.14-beta3
- version/mozilla seamonkey/2.14-beta4
- version/mozilla seamonkey/2.14-beta5
- version/mozilla seamonkey/2.15
- version/mozilla seamonkey/2.15-beta1
- version/mozilla seamonkey/2.15-beta2
- version/mozilla seamonkey/2.15-beta3
- version/mozilla seamonkey/2.15-beta4
- version/mozilla seamonkey/2.15-beta5
- version/mozilla seamonkey/2.15-beta6
- version/mozilla seamonkey/2.15.1
- version/mozilla seamonkey/2.15.2
- version/mozilla seamonkey/2.16
- version/mozilla seamonkey/2.16-beta1
- version/mozilla seamonkey/2.16-beta2
- version/mozilla seamonkey/2.16-beta3
- version/mozilla seamonkey/2.16-beta4
- version/mozilla seamonkey/2.16-beta5
- version/mozilla seamonkey/2.16.1
- version/mozilla seamonkey/2.16.2
- version/mozilla seamonkey/2.17-beta1
- version/mozilla seamonkey/2.17-beta2
- version/mozilla seamonkey/2.17-beta3
- canonical/mozilla firefox esr
- version/mozilla firefox esr/17.0
- version/mozilla firefox esr/17.0.1
- version/mozilla firefox esr/17.0.2
- version/mozilla firefox esr/17.0.3
- version/mozilla firefox esr/17.0.4