CVE - CVE-2014-1520

CVE-ID
CVE-2014-1520	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-35.html CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=961676 FEDORA:FEDORA-2014-5829 URL:http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html FEDORA:FEDORA-2014-5833 URL:http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html GENTOO:GLSA-201504-01 URL:https://security.gentoo.org/glsa/201504-01 SECTRACK:1030163 URL:http://www.securitytracker.com/id/1030163 SECUNIA:59866 URL:http://secunia.com/advisories/59866
Assigning CNA
Mozilla Corporation
Date Entry Created
20140116	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20140116)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select “Other” from dropdown)