Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:23812
HistoryApr 10, 2020 - 12:36 a.m.

Remote Code Execution (RCE)

2020-04-1000:36:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23

EPSS

0.014

Percentile

86.6%

SeaMonkey is vulnerable to Remote Code Execution (RCE). Due to a flaw found in the way SeaMonkey displays a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differs from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that differs from what the user expected.

References