Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2012-3974 | First vendor Publication | 2012-08-29 |
| Vendor | Cve | Last vendor Modification | 2017-09-19 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6.9 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 3.4 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3974 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:16692 | |||
| Oval ID: | oval:org.mitre.oval:def:16692 | ||
| Title: | Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory. | ||
| Description: | Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-3974 | Version: | 16 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-08-30 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox69.nasl |
| 2012-08-30 | Name : Mandriva Update for firefox MDVSA-2012:145 (firefox) File : nvt/gb_mandriva_MDVSA_2012_145.nasl |
| 2012-08-30 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2012:147 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2012_147.nasl |
| 2012-08-30 | Name : Mozilla Firefox Multiple Vulnerabilities - August12 (Windows) File : nvt/gb_mozilla_firefox_thunderbird_mult_vuln_aug12_win.nasl |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_firefox_20130129.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201208-120831.nasl - Type : ACT_GATHER_INFO |
| 2012-11-14 | Name : The remote Fedora host is missing a security update. File : fedora_2012-17841.nasl - Type : ACT_GATHER_INFO |
| 2012-09-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-201208-8269.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-145.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-147.nasl - Type : ACT_GATHER_INFO |
| 2012-08-31 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2b8cad90f28911e1a21514dae9ebcf89.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1007.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_150.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1007.nasl - Type : ACT_GATHER_INFO |
| 2012-08-29 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_150.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-10 01:18:40 |
|
| 2024-02-02 01:20:14 |
|
| 2024-02-01 12:05:58 |
|
| 2023-09-05 12:19:07 |
|
| 2023-09-05 01:05:51 |
|
| 2023-09-02 12:19:08 |
|
| 2023-09-02 01:05:56 |
|
| 2023-08-12 12:22:59 |
|
| 2023-08-12 01:05:57 |
|
| 2023-08-11 12:19:15 |
|
| 2023-08-11 01:06:07 |
|
| 2023-08-06 12:18:30 |
|
| 2023-08-06 01:05:58 |
|
| 2023-08-04 12:18:35 |
|
| 2023-08-04 01:06:00 |
|
| 2023-07-14 12:18:34 |
|
| 2023-07-14 01:05:55 |
|
| 2023-04-01 01:15:32 |
|
| 2023-03-29 01:20:33 |
|
| 2023-03-28 12:06:03 |
|
| 2022-10-11 12:16:35 |
|
| 2022-10-11 01:05:38 |
|
| 2020-10-14 01:08:14 |
|
| 2020-10-03 01:08:16 |
|
| 2020-05-29 01:07:36 |
|
| 2020-05-23 01:49:29 |
|
| 2020-05-23 00:34:26 |
|
| 2019-06-25 12:04:42 |
|
| 2019-02-01 12:02:42 |
|
| 2019-01-30 12:04:49 |
|
| 2018-06-29 12:01:14 |
|
| 2018-01-18 12:04:51 |
|
| 2017-11-22 12:04:49 |
|
| 2017-09-19 09:25:28 |
|
| 2016-06-28 22:00:54 |
|
| 2016-04-26 22:10:01 |
|
| 2015-01-21 13:25:45 |
|
| 2014-02-17 11:12:37 |
|
| 2013-11-04 21:23:31 |
|
| 2013-05-30 13:23:20 |
|
| 2013-05-10 22:44:23 |
|
| 2013-03-02 13:19:04 |
|
| 2013-02-01 17:19:22 |
|
| 2013-02-01 13:20:33 |
|
| 2013-01-30 13:22:25 |
|
