ID de Prueba:	1.3.6.1.4.1.25623.1.0.802867
Categoría:	Privilege escalation
Título:	Mozilla Products Updater Service Privilege Escalation Vulnerabilities - Windows
Resumen:	Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities.
Descripción:	Summary: Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities. Vulnerability Insight: - Mozilla updater allows to load a local DLL file in a privileged context. - The 'Updater.exe' in the Windows Updater Service allows to load an arbitrary local wsock32.dll file, which can then be run with the same system privileges used by the service. Vulnerability Impact: Successful attempt could allow local attackers to bypass security restrictions and gain the privileges. Affected Software/OS: SeaMonkey version 2.9, Thunderbird version 12.0 and Mozilla Firefox version 12.0 on Windows Solution: Upgrade to Mozilla Firefox version 13.0 or later, upgrade to SeaMonkey version to 2.10 or later, upgrade to Thunderbird version to 13.0 or later. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1942 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16951 SuSE Security Announcement: SUSE-SU-2012:0746 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2012-1943 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16924
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.