PT-2024-3597 · Mozilla+2 · Thunderbird+4

Eduardo Braun Prado

·

Published

2024-04-16

·

Updated

2025-07-29

·

CVE-2024-3863

CVSS v3.1

9.8

Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Mozilla Firefox versions prior to 125
Mozilla Firefox ESR versions prior to 115.10
Thunderbird versions prior to 115.10

Description: Firefox and Thunderbird did not present the executable-file download warning for files with the .xrm-ms extension, so the usual prompt for a potentially dangerous action was skipped. A remote attacker could use this to bypass the browser's download protections and, once the user opens the downloaded file, execute arbitrary code through a specially crafted .xrm-ms file. The .xrm-ms extension is a Windows file type (a Rights Management Services license file), and Mozilla's advisory for this CVE notes that only Windows builds are affected. The estimated number of potentially affected devices is not provided.

Recommendations:
Mozilla Firefox versions prior to 125: update to version 125 or later.
Mozilla Firefox ESR versions prior to 115.10: update to version 115.10 or later.
Thunderbird versions prior to 115.10: update to version 115.10 or later.
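The version ranges above are easy to misread in a fleet inventory because Firefox ESR and the Firefox release channel have different fixed versions (115.10 versus 125). The following script, added here as an illustration and not code from Mozilla or from this advisory's author, encodes exactly those ranges and triages a small constructed inventory. Names such as parse_version, is_affected and triage are assumptions made for this example; the rule that a Firefox 115.x build without an "esr" suffix is treated as ESR is also an assumption of the example, since every Firefox 115.10 or later build is an ESR build.

```python
"""Triage Firefox / Firefox ESR / Thunderbird versions against CVE-2024-3863.

Ranges come from the advisory text:
    Firefox     < 125      fixed in 125
    Firefox ESR < 115.10   fixed in 115.10
    Thunderbird < 115.10   fixed in 115.10
Example code added for this page; not Mozilla's or the advisory author's code.
"""
import re

# (product, branch) -> first fixed (major, minor), taken from the advisory.
FIXED = {
    ("firefox", "release"): (125, 0),
    ("firefox", "esr"): (115, 10),
    ("thunderbird", "release"): (115, 10),
}

# Accepts release-style strings such as '124.0.2', '125.0', '115.9.1esr'.
# Beta/nightly strings ('125.0b3', '126.0a1') are deliberately rejected:
# they are outside the ranges the advisory describes.
_VERSION_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?(esr)?$", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor, patch, is_esr) for a Mozilla version string."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, esr = m.groups()
    return (int(major), int(minor or 0), int(patch or 0), esr is not None)


def is_affected(product, version):
    """True if this product/version falls inside the advisory's vulnerable ranges."""
    product = product.lower()
    major, minor, _patch, is_esr = parse_version(version)
    if product == "firefox":
        # Assumption for this example: a 115.x build is an ESR build even when
        # the 'esr' suffix is missing (all Firefox >= 115.10 builds are ESR).
        branch = "esr" if (is_esr or major == 115) else "release"
    elif product == "thunderbird":
        branch = "release"
    else:
        raise ValueError(f"product not covered by this advisory: {product!r}")
    fixed_major, fixed_minor = FIXED[(product, branch)]
    # Only major.minor matter here; the advisory gives no patch-level boundary.
    return (major, minor) < (fixed_major, fixed_minor)


def triage(inventory):
    """Return the hostnames that still need an update.

    inventory: iterable of (hostname, product, version) tuples.
    """
    return [host for host, product, version in inventory
            if is_affected(product, version)]


# Constructed sample inventory (not real hosts), covering both Firefox branches.
SAMPLE_INVENTORY = [
    ("ws-01", "Firefox", "124.0.2"),       # release channel, pre-125: affected
    ("ws-02", "Firefox", "125.0"),         # first fixed release build
    ("ws-03", "Firefox", "115.9.1esr"),    # ESR, pre-115.10: affected
    ("ws-04", "Firefox", "115.10.0esr"),   # first fixed ESR build
    ("mail-01", "Thunderbird", "115.9.0"), # pre-115.10: affected
    ("mail-02", "Thunderbird", "115.10.1"),
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: update required for CVE-2024-3863")
```

Feeding the script a real inventory export is a matter of replacing SAMPLE_INVENTORY; the comparison deliberately ignores the patch level because the advisory only states major.minor boundaries, so a 115.10.x ESR build is always reported as fixed.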

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

ALT-PU-2024-13897
ALT-PU-2024-14442
ALT-PU-2024-14892
ALT-PU-2024-15175
ALT-PU-2024-15839
ALT-PU-2024-15841
ALT-PU-2024-6719
ALT-PU-2024-6721
ALT-PU-2024-6765
ALT-PU-2024-7489
ALT-PU-2024-7685
BDU:2024-03908
CVE-2024-3863
OPENSUSE-SU-2024:13884-1
OPENSUSE-SU-2024:13907-1
OPENSUSE-SU-2024:14572-1
OPENSUSE-SU-2024_1350-1
OPENSUSE-SU-2024_1437-1
OPENSUSE-SU-2024_1770-1
SUSE-SU-2024:1319-1
SUSE-SU-2024:1350-1
SUSE-SU-2024:1437-1
SUSE-SU-2024:1676-1
SUSE-SU-2024:1770-1
ZDI-25-708

Affected Products

Alt Linux
Firefox
Firefox Esr
Suse
Thunderbird