Bypass of file download extension restrictions - CVE-2023-29542ID: oval:org.secpod.oval:def:89111 | Date: (C)2023-04-13 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.
Platform: |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Microsoft Windows 10 |
Microsoft Windows 11 |
Product: |
Mozilla Firefox |
Mozilla Firefox ESR |
Mozilla Thunderbird |