mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
1.5 KiB
1.5 KiB
CVE-2023-29541
Description
Firefox did not properly handle downloads of files ending in .desktop, which can be interpreted to run attacker-controlled commands.
This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
POC
Reference
Github
No PoCs found on GitHub currently.