CVE-2019-17019

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 72

Description The issue is related to the handling of Python files served with the MIME type of text/plain. When such a file is downloaded and the Open option is selected, it could be executed by Python instead of being opened as a text file. This problem only occurs on Windows, and other operating systems are not affected. The vulnerability may allow a remote attacker to execute arbitrary code due to errors in input processing.

Recommendations For versions prior to 72, update to version 72 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the Open option when downloading Python files to prevent potential execution by Python. Restrict access to Python files served with the MIME type of text/plain to minimize the risk of exploitation.