Attachment files saved to disk on macOS could be executed without warning - CVE-2022-3155| ID: oval:org.secpod.oval:def:84320 | Date: (C)2022-09-23 (M)2023-11-19 |
| Class: VULNERABILITY | Family: macos |
Mozilla Thunderbird 102.3 : When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm.
| Platform: |
| Apple Mac OS 14 |
| Apple Mac OS 13 |
| Apple Mac OS X 10.11 |
| Apple Mac OS X 10.12 |
| Apple Mac OS X 10.13 |
| Apple Mac OS X 10.14 |
| Apple Mac OS X 10.15 |
| Apple Mac OS 11 |
| Apple Mac OS 12 |
| Product: |
| Mozilla Thunderbird |
