Posted by Stefan Kanthak on Oct 30
Hi @ll,

Mozilla’s (executable) full setup packages for Windows allow arbitrary
code execution resp. escalation of privilege: their SETUP.EXE loads
SHFOLDER.DLL [‘] from a temporary (sub)directory “%TEMP%\7zS<hex>.tmp”
created during self-extraction of the full setup packages.

This vulnerability is well-known, every developer past absolute beginner
should know about it: <…