Mozilla Thunderbird CVE-2014-1496 Privilege Escalation Vulnerability
Description
Security researcher Ash reported an issue where the extracted files for updates to existing files are not read only during the update process. This allows for the potential replacement or modification of these files during the update process if a malicious application is present on the local system.
Affected Applications
Thunderbird