When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1840777 | Issue Tracking Permissions Required |
https://www.mozilla.org/security/advisories/mfsa2023-29/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-30/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-31/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-32/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-33/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2023-08-01T15:00:25.281Z
Updated: 2023-08-07T13:19:25.268Z
Reserved: 2023-08-01T14:59:56.295Z
Link: CVE-2023-4054
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-08-01T16:15:09.890
Modified: 2023-08-07T14:51:09.667
Link: CVE-2023-4054
JSON object: View
Redhat Information
No data.
CWE