CVE-2023-4052: 
NixOS vulnerability analysis and mitigation

CVE-2023-4052 is a security vulnerability discovered in Firefox's uninstaller functionality that affects Firefox versions prior to 116, Firefox ESR versions prior to 115.1, and Thunderbird versions prior to 115.1. The vulnerability was discovered by security researcher ycdxsb and disclosed on August 1, 2023. This vulnerability specifically affects Firefox installations on Windows operating systems, with other operating systems being unaffected (Mozilla Advisory).

The vulnerability stems from the Firefox updater creating a directory that was writable by non-privileged users. During Firefox uninstallation, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be exploited by combining it with the creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium), with a vector string of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N (NVD).

The vulnerability allows a non-privileged user to delete arbitrary files through the Firefox uninstaller process when it runs with elevated privileges. This could potentially lead to system compromise through deletion of critical system files. The impact is particularly concerning in enterprise environments where Firefox is commonly installed with elevated privileges (Mozilla Bug).

The vulnerability has been fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Users are advised to update to these versions or later to protect against this vulnerability. The fix involves implementing safer file deletion procedures during the uninstallation process (Mozilla Advisory).