CVE request for Mozilla Thunderbird (Windows)

["Stefan Kanthak" <stefan.kanthak () nexgo de>]

The installer of Mozilla Thunderbird writes the following command line
with unquoted spaces for uninstallation into the Windows registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Thunderbird 17.0.5 (x86 en-US)]
"UninstallString"="C:\\Program Files\\Mozilla Thunderbird\\uninstall\\helper.exe"

See <https://bugzilla.mozilla.org/show_bug.cgi?id=871084>,
<https://bugzilla.mozilla.org/show_bug.cgi?id=786407> and
<https://bugzilla.mozilla.org/show_bug.cgi?id=868746>

Due to a well-known and well-documented idiosyncrasy of Windows'
CreateProcess() API this can result in the execution of a rogue
program "C:\Program.exe" or "C:\Program Files\Mozilla.exe" with the
privileges of the caller.
Since the caller of this command line typically has administrative
rights this vulnerability can lead to a privilege escalation.

Affected versions: all current releases.

Fixed version: ?

Stefan Kanthak