Описание
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 102.0+build2-0ubuntu0.18.04.1 |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | released | 102.0+build2-0ubuntu0.20.04.1 |
| impish | released | 102.0+build2-0ubuntu0.21.10.1 |
| jammy | not-affected | code not present |
| kinetic | not-affected | code not present |
| lunar | not-affected | code not present |
| trusty | DNE | |
| upstream | released | 102 |
Показывать по
8.8 High
CVSS3
Связанные уязвимости
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.
An attacker who could have convinced a user to drag and drop an image ...
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.
Уязвимость бразуера Mozilla Firefox, связанная с недостаточным предупреждением об опасных действиях, позволяющая нарушителю выполнить произвольный код
8.8 High
CVSS3