Vulnerability identifier: #VU7076
Vulnerability risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software: Firefox ESR (Client/Desktop applications / Web browsers)
Vendor: Mozilla
Description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists because the "Mark of the Web" is saved incorrectly on Windows when files with very long names are downloaded from the Internet. A remote attacker can trick the victim into downloading a specially crafted file and executing it, bypassing the "Mark of the Web".
Successful exploitation of the vulnerability may result in further attacks.
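One way to check a Windows download folder for files saved without a Mark of the Web, as an added example that is not part of the advisory or of Mozilla's code. It assumes NTFS, where the mark is stored in the `Zone.Identifier` alternate data stream; the default `Path` and the `MinNameLength` filter are assumptions, since the advisory gives no length threshold.

```powershell
# Added example: audit a download folder for files that lack a Mark of the Web (MOTW).
# MinNameLength is an assumed triage filter; the advisory does not state an exact length.
param(
    [string]$Path = (Join-Path $env:USERPROFILE 'Downloads'),
    [int]$MinNameLength = 0
)

function Get-MotwStatus {
    param([Parameter(Mandatory)][System.IO.FileInfo]$File)

    # On NTFS the MOTW lives in the alternate data stream named Zone.Identifier.
    $stream = Get-Item -LiteralPath $File.FullName -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue
    $zoneId = $null
    if ($stream) {
        # Stream content is INI-style: [ZoneTransfer] followed by ZoneId=<n>; 3 is the Internet zone.
        $line = Get-Content -LiteralPath $File.FullName -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue |
            Where-Object { $_ -match '^ZoneId=\d+' } | Select-Object -First 1
        if ($line -match '^ZoneId=(\d+)') { $zoneId = [int]$Matches[1] }
    }
    [pscustomobject]@{
        Name          = $File.Name
        NameLength    = $File.Name.Length
        HasMotw       = [bool]$stream
        ZoneId        = $zoneId
        LastWriteTime = $File.LastWriteTime
    }
}

# A file whose stream cannot be read (for example because of path-length limits)
# is reported as unmarked, so it still shows up for review.
Get-ChildItem -LiteralPath $Path -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $_.Name.Length -ge $MinNameLength } |
    ForEach-Object { Get-MotwStatus -File $_ } |
    Where-Object { -not $_.HasMotw -or $null -eq $_.ZoneId -or $_.ZoneId -lt 3 } |
    Sort-Object NameLength -Descending |
    Format-Table Name, NameLength, HasMotw, ZoneId, LastWriteTime -AutoSize
```

Files created locally or copied from non-NTFS media also have no mark, so a hit is a lead for review against the browser's download history rather than a confirmed bypass.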
Mitigation
Update to version 52.2.
Vulnerable software versions
Firefox ESR: 52.0.1, 45.0 - 45.8, 38.0 - 38.8.0
External links
http://www.mozilla.org/en-US/security/advisories/mfsa2017-16/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.