CVE-2013-1715 — Vulnetix

CVE-2013-1715 PUBLISHED CVSS 6.900000095367432 MEDIUM

Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory. NOTE: this issue exists because of an incomplete fix for CVE-2012-4206.

EPSS 0.17% · 37.5th percentile

Risk Scores

CVSS 2.0

6.900000095367432

EPSS Score

0.17%

37.5th percentile

Affected Products

Vendor	Product	Versions
mozilla	firefox	21.0, 0, 19.0
n/a	n/a	n/a

Exploit Intelligence

oval:org.mitre.oval:def:18210 (circl)
http://www.mozilla.org/security/announce/2013/mfsa2013-74.html (circl)
https://bugzilla.mozilla.org/show_bug.cgi?id=883165 (circl)

Timeline

Aug 7, 2013 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 17, 2022 CVE Updated
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score

References

Open in Interactive Console →