Published: 01/08/2023 Updated: 07/08/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox
mozilla firefox_esr

DescriptionA flaw was found in Mozilla The Mozilla Foundation Security Advisory described this flaw when opening appref-ms files, Firefox did not warn the user that these files may contain malicious code This bug only affects Firefox on Windows Other operating systems are unaffectedA flaw was found in Mozilla The Mozilla Foundation Secu ...

Mozilla Foundation Security Advisory 2023-32 Security Vulnerabilities fixed in Thunderbird 10214 Announced August 2, 2023 Impact high Products Thunderbird Fixed in Thunderbird 10214 ...

Mozilla Foundation Security Advisory 2023-33 Security Vulnerabilities fixed in Thunderbird 1151 Announced August 2, 2023 Impact high Products Thunderbird Fixed in Thunderbird 1151 ...

NVD-CWE-noinfo https://www.mozilla.org/security/advisories/mfsa2023-30/https://www.mozilla.org/security/advisories/mfsa2023-31/https://bugzilla.mozilla.org/show_bug.cgi?id=1840777 https://www.mozilla.org/security/advisories/mfsa2023-29/https://www.mozilla.org/security/advisories/mfsa2023-33/https://www.mozilla.org/security/advisories/mfsa2023-32/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2023-4054 https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/

CVE-2023-4054

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect