Privilege escalation vulnerability in Mozilla Firefox or Firefox ESR - CVE-2017-7761ID: oval:org.secpod.oval:def:41092 | Date: (C)2017-06-16 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
Mozilla Firefox before 54.0 or Firefox ESR before 52.2 :- The Mozilla Maintenance Service helper.exe application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted by the Mozilla Maintenance Service, which has privileged access.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2003 |
Microsoft Windows 8 |
Microsoft Windows XP |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Product: |
Mozilla Firefox |
Mozilla Firefox ESR |