Endpoint Vulnerability

Local privilege escalation through Mozilla Maintenance Service

Description

Security researcher Seb Patane reported an issue with the Mozilla Maintenance Service on Windows. This issue allows unprivileged users to local privilege escalation through the system privileges used by the service when interacting with local malicious software. This allows the user to bypass integrity checks leading to local privilege escalation. Local file system access is necessary in order for this issue to be exploitable and it cannot be triggered through web content.

Affected Products

Thunderbird

References

CVE-2013-1672,