Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1943

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2012-1943
Last Modified 02 Nov 2013 11:23:35
Published 05 Jun 2012 07:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1943

Summary

Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allows local users to gain privileges via a Trojan horse wsock32.dll file in an application directory.

Vulnerable Systems

Application

  • Mozilla Firefox 12.0

  • Mozilla Seamonkey 2.9

  • Mozilla Thunderbird 12.0


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=750850

CONFIRM - http://www.mozilla.org/security/announce/2012/mfsa2012-35.html

Related Patches

Novell SUSE 2012:6425 MozillaFirefox security update for SLE 11 SP1 i586

Novell SUSE 2012:6425 MozillaFirefox security update for SLE 11 SP1 x86_64

Novell SUSE 2012:8189 MozillaFirefox security update for SLE 10 SP4 i586

Novell SUSE 2012:8189 MozillaFirefox security update for SLE 10 SP4 x86_64

Mozilla Firefox 13.0 for Mac OS X (Update) (See Note)

Mozilla Firefox (en-us) 13.0 for Windows (Update) (See Notes)

Mozilla Firefox 13.0.1 for Mac OS X (Update) (See Note)

Mozilla Firefox (en-us) 13.0.1 for Windows (Update) (See Notes)


Last Updated: 27 May 2016 10:49:36