Oval Definition:oval:org.mitre.oval:def:16991
Revision Date:2014-10-06Version:18
Title:Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.
Description:Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2012-4206
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Mozilla Firefox
Mozilla Firefox ESR
Definition Synopsis
  • Check for vulnerable Firefox mainline
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is less than or equal to 16.0.2
  • AND Mozilla Firefox Mainline version is greater than or equal to 0.1
  • OR Check for vulnerable Mozilla Firefox ESR
  • Mozilla Firefox ESR is installed
  • AND Mozilla Firefox ESR version is less than 10.0.11 and greater than or equal to 10.x
    • BACK