Mozilla Firefox CVE-2013-0797 Vulnerability

description-logoDescription

Security researcher Ash reported an issue with the Mozilla Updater. The Mozilla Updater can be made to load a malicious local DLL file in a privileged context through either the Mozilla Maintenance Service or independently on systems that do not use the service. This occurs when the DLL file is placed in a specific location on the local system before the Mozilla Updater is run. Local file system access is necessary in order for this issue to be exploitable.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2013-0797