Firefox for Android Vulnerability: File Name with Many Spaces Triggers Extension Obscuration

CVE-2024-9395

Currently unrated 🤨

Key Information

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 1 October 2024

Summary

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 131.

Affected Version(s)

Firefox < 131

Refferences

https://bugzilla.mozilla.org/show_bug.cgi?id=1906024

https://www.mozilla.org/security/advisories/mfsa2024-46/

Timeline

Vulnerability Reserved
Oct 1, 2024
Vulnerability published
Oct 1, 2024

Collectors

NVD DatabaseMitre Database

Credit

Hafiizh