QwikSec

Security Database

CVE

CWE

Training

CVE-2005-1576

Published: May 14, 2005

Modified: Sep 16, 2024

PUBLISHED

Description

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

http://secunia.com/secunia_research/2004-11/advisory/

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2005-1576 - Security Vulnerability | QwikSec