CVE-2012-4206
Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.
Date published : 2012-11-21
http://www.mozilla.org/security/announce/2012/mfsa2012-98.html