vulnerability
FreeBSD: VID-5AEFC41E-D304-4EC8-8C82-824F84F08244 (CVE-2018-5173): mozilla -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | May 9, 2018 | May 10, 2018 | May 7, 2019 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
May 9, 2018
Added
May 10, 2018
Modified
May 7, 2019
Description
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox
Solution(s)
freebsd-upgrade-package-firefoxfreebsd-upgrade-package-firefox-esrfreebsd-upgrade-package-libxulfreebsd-upgrade-package-linux-firefoxfreebsd-upgrade-package-linux-seamonkeyfreebsd-upgrade-package-linux-thunderbirdfreebsd-upgrade-package-seamonkeyfreebsd-upgrade-package-thunderbirdfreebsd-upgrade-package-waterfox
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.