The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.
References
Configurations
History
No history.
Information
Published : 2016-06-13 10:59
Updated : 2024-02-28 15:21
NVD link : CVE-2016-2826
Mitre link : CVE-2016-2826
CVE.ORG link : CVE-2016-2826
JSON object : View
Products Affected
mozilla
- firefox
- firefox_esr
microsoft
- windows
CWE
CWE-264
Permissions, Privileges, and Access Controls