The executable file warning was not presented when downloading .library-ms files.
*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mozilla
Mozilla firefox Mozilla firefox Esr Mozilla thunderbird |
|
CPEs | cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:* cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Mozilla
Mozilla firefox Mozilla firefox Esr Mozilla thunderbird |
|
Metrics |
cvssV3_1
|
ssvc
|
Wed, 27 Nov 2024 01:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | firefox: thunderbird: Download Protections were bypassed by .library-ms files on Windows | |
Weaknesses | CWE-356 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Tue, 26 Nov 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The executable file warning was not presented when downloading .library-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2024-11-26T13:33:57.608Z
Updated: 2024-11-27T15:36:35.662Z
Reserved: 2024-11-25T16:29:27.970Z
Link: CVE-2024-11693
Vulnrichment
Updated: 2024-11-27T15:36:24.077Z
NVD
Status : Received
Published: 2024-11-26T14:15:18.847
Modified: 2024-11-27T16:15:12.753
Link: CVE-2024-11693
Redhat