{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2013-1673","title":"Title"},{"category":"description","text":"The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not properly maintain Mozilla Maintenance Service registry entries in certain situations involving upgrades from older Firefox versions, which allows local users to gain privileges by leveraging write access to a \"trusted path.\"","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2013-1673","url":"https://www.suse.com/security/cve/CVE-2013-1673"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 813026 for CVE-2013-1673","url":"https://bugzilla.suse.com/813026"},{"category":"external","summary":"SUSE Bug 819204 for CVE-2013-1673","url":"https://bugzilla.suse.com/819204"},{"category":"external","summary":"Advisory link for SUSE-SU-2013:1152-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2013-July/000516.html"}],"title":"SUSE CVE CVE-2013-1673","tracking":{"current_release_date":"2025-07-29T23:52:06Z","generator":{"date":"2023-02-15T05:40:33Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2013-1673","initial_release_date":"2023-02-15T05:40:33Z","revision_history":[{"date":"2023-02-15T05:40:33Z","number":"2","summary":"Current version"},{"date":"2025-03-16T13:22:07Z","number":"3","summary":"Current version"},{"date":"2025-06-27T01:44:01Z","number":"4","summary":"Current version"},{"date":"2025-07-03T00:19:38Z","number":"5","summary":"Current version"},{"date":"2025-07-29T23:52:06Z","number":"6","summary":"Current version"}],"status":"interim","version":"6"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Enterprise Storage 6","product":{"name":"SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6","product_identification_helper":{"cpe":"cpe:/o:suse:ses:6"}}},{"category":"product_version","name":"MozillaFirefox","product":{"name":"MozillaFirefox","product_id":"MozillaFirefox","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/MozillaFirefox@?upstream=MozillaFirefox.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"MozillaFirefox as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:MozillaFirefox"},"product_reference":"MozillaFirefox","relates_to_product_reference":"SUSE Enterprise Storage 6"}]},"vulnerabilities":[{"cve":"CVE-2013-1673","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2013-1673"}],"notes":[{"category":"general","text":"The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not properly maintain Mozilla Maintenance Service registry entries in certain situations involving upgrades from older Firefox versions, which allows local users to gain privileges by leveraging write access to a \"trusted path.\"","title":"CVE description"}],"product_status":{"known_affected":["SUSE Enterprise Storage 6:MozillaFirefox"]},"references":[{"category":"external","summary":"CVE-2013-1673","url":"https://www.suse.com/security/cve/CVE-2013-1673"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 813026 for CVE-2013-1673","url":"https://bugzilla.suse.com/813026"},{"category":"external","summary":"SUSE Bug 819204 for CVE-2013-1673","url":"https://bugzilla.suse.com/819204"},{"category":"external","summary":"Advisory link for SUSE-SU-2013:1152-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2013-July/000516.html"}],"threats":[{"category":"impact","date":"2013-06-27T17:18:57Z","details":"moderate"}],"title":"CVE-2013-1673"}]}