CVE-2005-1576

2022-10-0316:22:43

mitre

www.cve.org

mozilla firefox

windows

file download

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.0%

JSON

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when “Save to Disk” is selected, which allows remote attackers to hide the real file types of downloaded files.

References

secunia.com/advisories/12979

secunia.com/secunia_research/2004-11/advisory/

www.osvdb.org/16432