[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: Files extracted during updates are not always read only - mfsa2014-16 (Mac OS X)

ID: oval:org.secpod.oval:def:17301Date: (C)2014-03-21   (M)2023-11-18
Class: PATCHFamily: macos




Security researcher Ash reported an issue where the extracted files for updates to existing files are not read only during the update process. This allows for the potential replacement or modification of these files during the update process if a malicious application is present on the local system.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.13
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Product:
Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Reference:
MFSA 2014-16
CVE-2014-1496
CVE    1
CVE-2014-1496
CPE    525
cpe:/a:mozilla:firefox:14.0
cpe:/a:mozilla:firefox:20.0.1
cpe:/a:mozilla:firefox:3.6.26
cpe:/a:mozilla:firefox:3.6.27
...

© SecPod Technologies