PT-2024-4634 · Mozilla+3 · Thunderbird+5

Raphael Shaniyazov

·

Published

2024-06-11

·

Updated

2025-03-21

·

CVE-2024-5692

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 127 Firefox ESR versions prior to 115.12 Thunderbird versions prior to 115.12
Description: The issue is related to insufficient input validation in the 'Save As' function of Mozilla Firefox, Firefox ESR, and Thunderbird on Windows operating systems. This could allow a remote attacker to impact the confidentiality and integrity of protected information by replacing characters in file extensions. The vulnerability can be exploited by tricking the browser into saving a file with a disallowed extension, such as .url, by including an invalid character in the extension.
Recommendations: For Mozilla Firefox versions prior to 127, update to version 127 or later to resolve the issue. For Firefox ESR versions prior to 115.12, update to version 115.12 or later to resolve the issue. For Thunderbird versions prior to 115.12, update to version 115.12 or later to resolve the issue.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-254CWE-20

Related Identifiers

ALT-PU-2024-10126
ALT-PU-2024-10593
ALT-PU-2024-13895
ALT-PU-2024-13897
ALT-PU-2024-13898
ALT-PU-2024-14780
ALT-PU-2024-14892
ALT-PU-2024-15087
ALT-PU-2024-15175
ALT-PU-2024-15839
ALT-PU-2024-15840
ALT-PU-2024-15841
BDU:2024-05142
CVE-2024-5692
OESA-2025-1258
OESA-2025-1322
OESA-2025-1323
OPENSUSE-SU-2024:14044-1
OPENSUSE-SU-2024:14049-1
OPENSUSE-SU-2024:14572-1
OPENSUSE-SU-2024_2061-1
SUSE-SU-2024:2012-1
SUSE-SU-2024:2061-1
SUSE-SU-2024:2073-1
SUSE-SU-2024:2371-1
SUSE-SU-2024:2399-1

Affected Products

Alt Linux
Firefox Esr
Firefox
Red Os
Suse
Thunderbird