FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Mozilla -- control access bypass

Affected packages
firefox < 138.0,2
firefox-esr < 128.10
thunderbird < 128.0

Details

VuXML ID: 201cccc1-4a01-11f0-b0f8-b42e991fc52e
Discovery: 2025-04-29
Entry: 2025-06-15

security@mozilla.org reports:

Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.

References

CVE Name: CVE-2025-2817
URL: https://nvd.nist.gov/vuln/detail/CVE-2025-2817