Today > 5 Critical | 8 High | 34 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-5692

June 11, 2024, 1:54 p.m.

Tags

security@mozilla.org
2024-06-11
CVE-2024-5692

Product(s) Impacted

Firefox

  • < 127
  • < 115.12

Description

On Windows, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127 and Firefox ESR < 115.12.

Weaknesses

Date

Published: June 11, 2024, 1:15 p.m.

Last Modified: June 11, 2024, 1:54 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

security@mozilla.org

References

https://bugzilla.mozilla.org/ security@mozilla.org
https://bugzilla.mozilla.org/ security@mozilla.org
https://www.mozilla.org/ security@mozilla.org
https://www.mozilla.org/ security@mozilla.org