CVE-2013-1672 - Vulnerability Details

Vendors	Products
Microsoft	Windows
Mozilla	Firefox Thunderbird Thunderbird Esr

Link	Providers
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
https://bugzilla.mozilla.org/show_bug.cgi?id=850492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:mozilla:firefox_esr:17.0.1:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0:::::::*	cpe:2.3:a:mozilla:firefox:17.0.1:::::::* cpe:2.3:a:mozilla:firefox:17.0:::::::*
Vendors & Products	Mozilla firefox Esr

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:mozilla:firefox_esr:17.0.2:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.3:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.4:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.5:::::::*	cpe:2.3:a:mozilla:firefox:17.0.2:::::::* cpe:2.3:a:mozilla:firefox:17.0.3:::::::* cpe:2.3:a:mozilla:firefox:17.0.4:::::::* cpe:2.3:a:mozilla:firefox:17.0.5:::::::*

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-05-14T00:00:00", "descriptions": [{"lang": "en", "value": "The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"name": "oval:org.mitre.oval:def:16915", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2013-1672", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:16915", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915"}, {"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:13:32.639Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:16915", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2013-1672", "datePublished": "2013-05-16T10:00:00", "dateReserved": "2013-02-13T00:00:00", "dateUpdated": "2024-08-06T15:13:32.639Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2013-05-14T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-09-18T12:57:01 (string)

orgId : f16b083a-5664-49f3-a51e-8d479e5ed7fe (string)

shortName : mozilla (string)

}

references : [ »

0 : { »

name : oval:org.mitre.oval:def:16915 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.mozilla.org/security/announce/2013/mfsa2013-44.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://bugzilla.mozilla.org/show_bug.cgi?id=850492 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@mozilla.org (string)

ID : CVE-2013-1672 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : oval:org.mitre.oval:def:16915 (string)

refsource : OVAL (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915 (string)

}

1 : { »

name : http://www.mozilla.org/security/announce/2013/mfsa2013-44.html (string)

refsource : CONFIRM (string)

url : http://www.mozilla.org/security/announce/2013/mfsa2013-44.html (string)

}

2 : { »

name : https://bugzilla.mozilla.org/show_bug.cgi?id=850492 (string)

refsource : CONFIRM (string)

url : https://bugzilla.mozilla.org/show_bug.cgi?id=850492 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T15:13:32.639Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : oval:org.mitre.oval:def:16915 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

3 : x_transferred (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.mozilla.org/security/announce/2013/mfsa2013-44.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://bugzilla.mozilla.org/show_bug.cgi?id=850492 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : f16b083a-5664-49f3-a51e-8d479e5ed7fe (string)

assignerShortName : mozilla (string)

cveId : CVE-2013-1672 (string)

datePublished : 2013-05-16T10:00:00 (string)

dateReserved : 2013-02-13T00:00:00 (string)

dateUpdated : 2024-08-06T15:13:32.639Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1246AD3-6704-42B1-89AE-E9DD64D3D7D7", "versionEndIncluding": "20.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*", "matchCriteriaId": "06FF9DFE-491D-4260-8A49-07FD342B9412", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DE09D089-7F48-466B-B03A-C64152A12615", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "653D73DA-21C0-4C3F-9269-5A6D5C5B1E34", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*", "matchCriteriaId": "804A0ACE-EB28-413D-93F4-E849FEA01390", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*", "matchCriteriaId": "3283FBAC-B77A-4C62-9D51-70BB35FA3D13", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "886D8A1F-ECDD-4FE9-A4E5-2322EEC0B880", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E10B8803-C319-4AAA-81CF-FA206A33BA55", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E2B5567C-8969-456D-B6DF-3562B99C41FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5657779C-19F9-42B8-BBBD-292B898E8FD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "EEA3B9F4-BD8E-488B-A362-0B86BC6DA275", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EA961C7-D2E2-4709-853D-77A17DFCFC7C", "versionEndIncluding": "17.0.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2FD78A8-0D3A-412C-8776-20C598697564", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "777D8DC5-8D43-4842-B0A7-3C933F41F6E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "808C66D2-4C53-4544-AD21-443D9A400B84", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6FB95E8B-CF01-471F-8306-BB9FB0896904", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "AF7E092E-BCBE-48B4-8F6A-D3E4A0369AE1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC6BA0FC-3A66-4E44-9F40-18BB53308D89", "versionEndIncluding": "17.0.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:*", "matchCriteriaId": "341D94CE-C0EB-47FA-A043-E7B0F4344BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "84C3EE07-F201-451A-89A1-A41B8B2165E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "45837B42-7D29-4475-94F1-E29CD5831C7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "7028A433-7D1B-4C6F-A0F6-1B69682F7853", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "86C07513-8F98-4FA6-837D-7D735AE5EA91", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions."}, {"lang": "es", "value": "El Mozilla Updater en Mozilla Firefox anterior a v21.0, Firefox ESR v17.x anterior a v17.0.6, Thunderbird anterior a v17.0.6, y Thunderbird ESR v17.x anterior a v17.0.6 en Windows permite a usuarios locales eludir la verificaci\u00f3n de integridad y ganar privilegios mediante vectores que comprenden \"junctions\""}], "id": "CVE-2013-1672", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-05-16T11:45:30.817", "references": [{"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html"}, {"source": "security@mozilla.org", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492"}, {"source": "security@mozilla.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-44.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=850492"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B1246AD3-6704-42B1-89AE-E9DD64D3D7D7 (string)

versionEndIncluding : 20.0.1 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 06FF9DFE-491D-4260-8A49-07FD342B9412 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : DE09D089-7F48-466B-B03A-C64152A12615 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 653D73DA-21C0-4C3F-9269-5A6D5C5B1E34 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 804A0ACE-EB28-413D-93F4-E849FEA01390 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2CF61F35-5905-4BA9-AD7E-7DB261D2F256 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 3283FBAC-B77A-4C62-9D51-70BB35FA3D13 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 886D8A1F-ECDD-4FE9-A4E5-2322EEC0B880 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : E10B8803-C319-4AAA-81CF-FA206A33BA55 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : E2B5567C-8969-456D-B6DF-3562B99C41FE (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 5657779C-19F9-42B8-BBBD-292B898E8FD2 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : EEA3B9F4-BD8E-488B-A362-0B86BC6DA275 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2CF61F35-5905-4BA9-AD7E-7DB261D2F256 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0EA961C7-D2E2-4709-853D-77A17DFCFC7C (string)

versionEndIncluding : 17.0.5 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mozilla:thunderbird:17.0:*:*:*:*:*:*:* (string)

matchCriteriaId : C2FD78A8-0D3A-412C-8776-20C598697564 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mozilla:thunderbird:17.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 777D8DC5-8D43-4842-B0A7-3C933F41F6E8 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mozilla:thunderbird:17.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 808C66D2-4C53-4544-AD21-443D9A400B84 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:mozilla:thunderbird:17.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 6FB95E8B-CF01-471F-8306-BB9FB0896904 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:mozilla:thunderbird:17.0.4:*:*:*:*:*:*:* (string)

matchCriteriaId : AF7E092E-BCBE-48B4-8F6A-D3E4A0369AE1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2CF61F35-5905-4BA9-AD7E-7DB261D2F256 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DC6BA0FC-3A66-4E44-9F40-18BB53308D89 (string)

versionEndIncluding : 17.0.5 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mozilla:thunderbird_esr:17.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 341D94CE-C0EB-47FA-A043-E7B0F4344BBB (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 84C3EE07-F201-451A-89A1-A41B8B2165E6 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 45837B42-7D29-4475-94F1-E29CD5831C7F (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 7028A433-7D1B-4C6F-A0F6-1B69682F7853 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 86C07513-8F98-4FA6-837D-7D735AE5EA91 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2CF61F35-5905-4BA9-AD7E-7DB261D2F256 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions. (string)

}

1 : { »

lang : es (string)

value : El Mozilla Updater en Mozilla Firefox anterior a v21.0, Firefox ESR v17.x anterior a v17.0.6, Thunderbird anterior a v17.0.6, y Thunderbird ESR v17.x anterior a v17.0.6 en Windows permite a usuarios locales eludir la verificación de integridad y ganar privilegios mediante vectores que comprenden "junctions" (string)

}

]

id : CVE-2013-1672 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 6.9 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:L/AC:M/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 3.4 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2013-05-16T11:45:30.817 (string)

references : [ »

0 : { »

source : security@mozilla.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.mozilla.org/security/announce/2013/mfsa2013-44.html (string)

}

1 : { »

source : security@mozilla.org (string)

url : https://bugzilla.mozilla.org/show_bug.cgi?id=850492 (string)

}

2 : { »

source : security@mozilla.org (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.mozilla.org/security/announce/2013/mfsa2013-44.html (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://bugzilla.mozilla.org/show_bug.cgi?id=850492 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16915 (string)

}

]

sourceIdentifier : security@mozilla.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-264 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object