12 matches found
EUVD-2020-9400
Malware in sbrugna...
USN-6333-1 thunderbird vulnerabilities
Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploits this issue by spoofing file extension while attaching a file in emails. CVE-2023-3417 Max Vlasov discovered that Thunderbird Offscre...
Telegram Desktop <= 2.1.13 Protection Mechanism Bypass Vulnerability - Windows
Telegram Desktop is prone to a protection mechanism bypass vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-17448
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...
Type confusion
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...
UBUNTU-CVE-2020-17448
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...
CVE-2020-17448
Summary (CVE-2020-17448, Telegram Desktop): Telegram Desktop up to version 2.1.13 is affected by a spoofed file type that bypasses the Dangerous File Type Execution protection, demonstrated by a filename without an extension. Root cause: failure of the protection mechanism to correctly validate f...
CVE-2020-17448
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...
Windows Defender Antivirus 4.18.1908.7-0 File Extension Spoofing Vulnerability
David Haintz ======================================================================= title: File Extension Spoofing product: Windows Defender Antivirus vulnerable version: 4.18.1908.7-0 fixed version: Virus Definition Update of 2019/09/30 CVE number: - impact: High homepage:...
H2 Information Disclosure Vulnerability
H2 is a set of open source database management software . An information disclosure vulnerability exists in H2 version 1.4.197 that stems from the program not having secure processing privileges. The vulnerability can be exploited by an attacker to read sensitive files files outside the attacker'...
Open redirect
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full,...
Microsoft Internet Explorer 5.56.0 - Spoofable File Extensions
Microsoft Internet Explorer 5.56.0 - Spoofable File Extensions source: https://www.securityfocus.com/bid/3597/info It is possible for a malicious webmaster, hosting files on an website, to spoof file extensions for users of Internet Explorer. For example, an .exe file can be made to look like a...