Описание
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-4054
- https://bugzilla.mozilla.org/show_bug.cgi?id=1840777
- https://www.mozilla.org/security/advisories/mfsa2023-29
- https://www.mozilla.org/security/advisories/mfsa2023-30
- https://www.mozilla.org/security/advisories/mfsa2023-31
- https://www.mozilla.org/security/advisories/mfsa2023-32
- https://www.mozilla.org/security/advisories/mfsa2023-33
Связанные уязвимости
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.
When opening appref-ms files, Firefox did not warn the user that these ...
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, связанная с недостаточным предупреждением об опасных действиях, позволяющая нарушителю выполнить произвольный код