VULHUB ™

A download dialogue box file name spoofing vulnerability affects Mozilla Firefox. This issue is due to a design error that facilitates the spoofing of file names. An attacker may leverage this issue to spoof downloaded file names to unsuspecting users. This issue may lead to a compromise of the target computer as well as other consequences. NOTE: This issue has been fixed by reducing the number of space characters displayed in the dialogue box. It should be noted that this issue may still be triggered by using other characters to fill the space such as non-displayable characters and even extremely long file names. Users should be cautious about downloading files with the affected application.

A download dialogue box file name spoofing vulnerability affects Mozilla Firefox. This issue is due to a design error that facilitates the spoofing of file names. An attacker may leverage this issue to spoof downloaded file names to unsuspecting users. This issue may lead to a compromise of the target computer as well as other consequences. NOTE: This issue has been fixed by reducing the number of space characters displayed in the dialogue box. It should be noted that this issue may still be triggered by using other characters to fill the space such as non-displayable characters and even extremely long file names. Users should be cautious about downloading files with the affected application.