{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2013-1672","title":"Title"},{"category":"description","text":"The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2013-1672","url":"https://www.suse.com/security/cve/CVE-2013-1672"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 813026 for CVE-2013-1672","url":"https://bugzilla.suse.com/813026"},{"category":"external","summary":"SUSE Bug 819204 for CVE-2013-1672","url":"https://bugzilla.suse.com/819204"},{"category":"external","summary":"Advisory link for SUSE-SU-2013:1152-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2013-July/000516.html"}],"title":"SUSE CVE CVE-2013-1672","tracking":{"current_release_date":"2025-07-29T23:52:07Z","generator":{"date":"2023-02-15T05:40:33Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2013-1672","initial_release_date":"2023-02-15T05:40:33Z","revision_history":[{"date":"2023-02-15T05:40:33Z","number":"2","summary":"Current version"},{"date":"2025-03-16T13:22:09Z","number":"3","summary":"Current version"},{"date":"2025-06-27T01:44:03Z","number":"4","summary":"Current version"},{"date":"2025-07-03T00:19:39Z","number":"5","summary":"Current version"},{"date":"2025-07-29T23:52:07Z","number":"6","summary":"Current version"}],"status":"interim","version":"6"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Enterprise Storage 6","product":{"name":"SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6","product_identification_helper":{"cpe":"cpe:/o:suse:ses:6"}}},{"category":"product_version","name":"MozillaFirefox","product":{"name":"MozillaFirefox","product_id":"MozillaFirefox","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/MozillaFirefox@?upstream=MozillaFirefox.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"MozillaFirefox as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:MozillaFirefox"},"product_reference":"MozillaFirefox","relates_to_product_reference":"SUSE Enterprise Storage 6"}]},"vulnerabilities":[{"cve":"CVE-2013-1672","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2013-1672"}],"notes":[{"category":"general","text":"The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.","title":"CVE description"}],"product_status":{"known_affected":["SUSE Enterprise Storage 6:MozillaFirefox"]},"references":[{"category":"external","summary":"CVE-2013-1672","url":"https://www.suse.com/security/cve/CVE-2013-1672"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 813026 for CVE-2013-1672","url":"https://bugzilla.suse.com/813026"},{"category":"external","summary":"SUSE Bug 819204 for CVE-2013-1672","url":"https://bugzilla.suse.com/819204"},{"category":"external","summary":"Advisory link for SUSE-SU-2013:1152-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2013-July/000516.html"}],"threats":[{"category":"impact","date":"2013-06-27T17:18:57Z","details":"moderate"}],"title":"CVE-2013-1672"}]}