CVE-2019-11702

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 67.0.2

Description A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. This issue only occurs on Windows, and other operating systems are unaffected.

Recommendations For versions prior to 67.0.2, update to Firefox 67.0.2 to resolve the issue. As a temporary workaround, consider avoiding the use of hyperlinks with the IE.HTTP: protocol until the update is applied. Restrict access to local files to minimize the risk of exploitation.