CVE-2023-4052

The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:34

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1824420 - Issue Tracking, Permissions Required () https://bugzilla.mozilla.org/show_bug.cgi?id=1824420 - Issue Tracking, Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2023-29/ - Vendor Advisory () https://www.mozilla.org/security/advisories/mfsa2023-29/ - Vendor Advisory
References () https://www.mozilla.org/security/advisories/mfsa2023-31/ - Vendor Advisory () https://www.mozilla.org/security/advisories/mfsa2023-31/ - Vendor Advisory
References () https://www.mozilla.org/security/advisories/mfsa2023-33/ - () https://www.mozilla.org/security/advisories/mfsa2023-33/ -

07 Aug 2023, 14:15

Type Values Removed Values Added
References
  • (MISC) https://www.mozilla.org/security/advisories/mfsa2023-33/ -
Summary The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116 and Firefox ESR < 115.1. The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.

04 Aug 2023, 18:54

Type Values Removed Values Added
References (MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1824420 - (MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1824420 - Issue Tracking, Permissions Required
References (MISC) https://www.mozilla.org/security/advisories/mfsa2023-29/ - (MISC) https://www.mozilla.org/security/advisories/mfsa2023-29/ - Vendor Advisory
References (MISC) https://www.mozilla.org/security/advisories/mfsa2023-31/ - (MISC) https://www.mozilla.org/security/advisories/mfsa2023-31/ - Vendor Advisory
CWE CWE-59
CPE cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

01 Aug 2023, 15:25

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-01 15:15

Updated : 2024-11-21 08:34


NVD link : CVE-2023-4052

Mitre link : CVE-2023-4052

CVE.ORG link : CVE-2023-4052


JSON object : View

Products Affected

mozilla

  • firefox
  • firefox_esr
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')