Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-5173

Опубликовано: 11 июн. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 5.3

Описание

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.

РелизСтатусПримечание
artful

released

60.0+build2-0ubuntu0.17.10.1
bionic

released

60.0+build2-0ubuntu1
devel

released

60.0+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [60.0+build2-0ubuntu0.14.04.1]]
precise/esm

DNE

trusty

released

60.0+build2-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [60.0+build2-0ubuntu0.14.04.1]
upstream

released

60.0
xenial

released

60.0+build2-0ubuntu0.16.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%
0.01028
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-5173

CVSS3: 6.1
redhat
больше 7 лет назад

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.

nvd логотип

CVE-2018-5173

CVSS3: 5.3
nvd
больше 7 лет назад

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.

debian логотип

CVE-2018-5173

CVSS3: 5.3
debian
больше 7 лет назад

The filename appearing in the "Downloads" panel improperly renders som ...

github логотип

GHSA-hg6x-mmgv-6qvx

CVSS3: 5.3
github
больше 3 лет назад

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.

fstec логотип

BDU:2019-03513

CVSS3: 6.5
fstec
около 7 лет назад

Уязвимость браузера Firefox, вызванная ошибками отображения символов в именах файлов во вкладке «Загрузки», позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 77%
0.01028
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3