Mozilla Firefox 37.x on Windows Updater updater.exe File untrusted search path
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.0 | $0-$5k | 0.00 |
Summary
A vulnerability categorized as critical has been discovered in Mozilla Firefox 37.x on Windows. The affected element is an unknown function of the file updater.exe of the component Updater. Such manipulation leads to untrusted search path (File). This vulnerability is documented as CVE-2015-0833. There is not any exploit available. It is advisable to upgrade the affected component.
Details
A vulnerability was found in Mozilla Firefox 37.x on Windows (Web Browser). It has been rated as critical. Affected by this issue is an unknown functionality of the file updater.exe of the component Updater. The manipulation with an unknown input leads to a untrusted search path vulnerability (File). Using CWE to declare the problem leads to CWE-426. The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. Impacted is confidentiality, integrity, and availability.
The weakness was released 05/12/2015 by Holger Fuhrmannek as MFSA 2015-58 as confirmed security advisory (Website). The advisory is shared for download at mozilla.org. This vulnerability is handled as CVE-2015-0833. The attack may be launched remotely. No form of authentication is required for exploitation. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1574.
The vulnerability scanner Nessus provides a plugin with the ID 81588 (FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family FreeBSD Local Security Checks. The commercial vulnerability scanner Qualys is able to test this issue with plugin 115070 (Mozilla Firefox / Thunderbird Multiple Vulnerabilities (MFSA 2015-46 to MFSA 2015-58)).
Upgrading to version 38 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (81588), SecurityFocus (BID 72747†), SecurityTracker (ID 1032301†) and Vulnerability Center (SBV-48760†). bugzilla.mozilla.org is providing further details. Entries connected to this vulnerability are available at VDB-69212, VDB-69214, VDB-69215 and VDB-69217. Once again VulDB remains the best source for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.mozilla.org/
- Product: https://www.mozilla.org/en-US/firefox/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.3VulDB Meta Temp Score: 7.0
VulDB Base Score: 7.3
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Name: FileClass: Untrusted search path / File
CWE: CWE-426
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 81588
Nessus Name: FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 803422
OpenVAS Name: Mozilla Firefox ESR Multiple Vulnerabilities-01 Mar15 (Windows)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
Exposure Time: 🔍
Upgrade: Firefox 38
Timeline
01/07/2015 🔍02/24/2015 🔍
02/24/2015 🔍
02/25/2015 🔍
02/25/2015 🔍
05/12/2015 🔍
05/12/2015 🔍
05/13/2015 🔍
05/13/2015 🔍
05/17/2022 🔍
Sources
Vendor: mozilla.orgProduct: mozilla.org
Advisory: MFSA 2015-58
Researcher: Holger Fuhrmannek
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2015-0833 (🔍)
GCVE (CVE): GCVE-0-2015-0833
GCVE (VulDB): GCVE-100-75356
SecurityFocus: 72747 - Mozilla Firefox Firefox ESR and Thunderbird DLL Loading Arbitrary Code Execution Vulnerability
SecurityTracker: 1032301 - Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code and Obtain Potentially Sensitive Information and Let Local Users Gain Elevated Privileges
Vulnerability Center: 48760 - Mozilla Firefox <36.0, ESR <31.5 and Thunderbird <31.5 on Windows Remote Code Execution via Updater, High
Misc.: 🔍
See also: 🔍
Entry
Created: 05/13/2015 12:38Updated: 05/17/2022 12:06
Changes: 05/13/2015 12:38 (75), 06/21/2017 09:22 (8), 05/17/2022 11:58 (4), 05/17/2022 12:06 (1)
Complete: 🔍
Cache ID: 216:232:103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.