Oval Definition:oval:org.mitre.oval:def:14436
Revision Date:2014-10-06Version:27
Title:Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process.
Description:Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2011-2980
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis
  • Determine if the version of Mozilla Firefox is less than or equal to 1.5.8 and is greater than or equal to 1.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is less than or equal to 1.5.8
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is greater than or equal to 1.0
  • OR Determine if the version of Mozilla Firefox is less than or equal to 2.0.0.20 and is greater than or equal to 2.0.0.1
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is less than or equal to 2.0.0.20
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is greater than or equal to 2.0.0.1
  • OR Determine if the version of Mozilla Firefox is less than or equal to 3.6.19 and is greater than or equal to 3.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is less than or equal to 3.6.19
  • AND Mozilla Firefox Mainline version is greater than or equal to 3.0
  • OR Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.11 and is greater than or equal to 3.0.1
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.11
  • AND Determine if the version of Mozilla Thunderbird is greater than or equal to 3.0.1
    • BACK