Описание
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | Mac OSX only |
| devel | not-affected | Mac OSX only |
| eoan | not-affected | Mac OSX only |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | released | 73.0 |
| xenial | not-affected | Mac OSX only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | Mac OSX only |
| devel | not-affected | Mac OSX only |
| eoan | not-affected | Mac OSX only |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | not-affected | debian: Only affects Mac OSX |
| xenial | not-affected | Mac OSX only |
Показывать по
4.3 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
By downloading a file with the .fileloc extension, a semi-privileged e ...
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
4.3 Medium
CVSS2
4.3 Medium
CVSS3