The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote malicious users to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 1.0 |
||
mozilla firefox 0.10.1 |