firefox is vulnerable to Reflected File Download. The vulnerability exists when handling the filename directive in the Content-Disposition header, and the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks, potentially tricking users into installing malware.