Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 112.0 | |
firefox | lt | 112.0 | |
firefox_esr | lt | 102.10 | |
focus | lt | 112.0 | |
thunderbird | lt | 102.10 |