Количество 10
Количество 10
BDU:2023-04499
Уязвимость загрузчика обновлений браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю получить доступ на чтение, изменение или удаление файлов
CVE-2023-4052
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.
CVE-2023-4052
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.
CVE-2023-4052
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.
CVE-2023-4052
The Firefox updater created a directory writable by non-privileged use ...
GHSA-gjqm-928w-fr7f
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116 and Firefox ESR < 115.1.
SUSE-SU-2023:3228-1
Security update for MozillaThunderbird
SUSE-SU-2023:3163-1
Security update for MozillaFirefox
SUSE-SU-2023:3162-1
Security update for MozillaFirefox
SUSE-SU-2023:3161-1
Security update for MozillaFirefox
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-04499 Уязвимость загрузчика обновлений браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю получить доступ на чтение, изменение или удаление файлов | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-4052 The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-4052 The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1. | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-4052 The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| CVE-2023-4052 The Firefox updater created a directory writable by non-privileged use ... | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| GHSA-gjqm-928w-fr7f The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116 and Firefox ESR < 115.1. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:3228-1 Security update for MozillaThunderbird | больше 2 лет назад | ||
| SUSE-SU-2023:3163-1 Security update for MozillaFirefox | больше 2 лет назад | ||
| SUSE-SU-2023:3162-1 Security update for MozillaFirefox | больше 2 лет назад | ||
| SUSE-SU-2023:3161-1 Security update for MozillaFirefox | больше 2 лет назад |
Уязвимостей на страницу