CVE 2016-2809
The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.
See the 
CVE page on Mitre.org
for more details.
