Arbitrary File Write Vulnerability in Mozilla Firefox Updater
CVE-2015-4505 · MEDIUM Severity
AV:L/AC:L/AU:N/C:N/I:C/A:C
updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.
Learn more about our Cis Benchmark Audit For Mozilla Firefox.