[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

File Extension Spoofing using the Text Direction Override Character - CVE-2023-3417

ID: oval:org.secpod.oval:def:91267Date: (C)2023-07-25   (M)2024-02-19
Class: VULNERABILITYFamily: windows




Mozilla Thunderbird 115.0.1: Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension.

Platform:
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server
Microsoft Windows 11
Microsoft Windows Server 2022
Product:
Mozilla Thunderbird
Reference:
CVE-2023-3417
CVE    1
CVE-2023-3417

© SecPod Technologies