icon

We found results for “

CVE-2016-5294

Good to know:

Date: June 11, 2018

The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

Severity Score

Severity Score

Weakness Type (CWE)

Input Validation

CWE-20

Top Fix

icon

Upgrade Version

CVSS v3

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privilegs Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): HIGH
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us