CVE-2020-15651 - OpenCVE

A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Iphone Os
Mozilla	Firefox

Configuration 1 [-]

AND

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1649160
https://www.mozilla.org/security/advisories/mfsa2020-34/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2020-08-10T17:43:24

Updated: 2024-08-04T13:22:30.401Z

Reserved: 2020-07-10T00:00:00

Link: CVE-2020-15651

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-08-10T18:15:12.247

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-15651

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Firefox for iOS", "vendor": "Mozilla", "versions": [{"lessThan": "28", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28."}], "problemTypes": [{"descriptions": [{"description": "Download Feature: unicode RTLO char can fake the file extension", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-10T17:43:24", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-34/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1649160"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2020-15651", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox for iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "28"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Download Feature: unicode RTLO char can fake the file extension"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2020-34/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-34/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1649160", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1649160"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:22:30.401Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-34/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1649160"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2020-15651", "datePublished": "2020-08-10T17:43:24", "dateReserved": "2020-07-10T00:00:00", "dateUpdated": "2024-08-04T13:22:30.401Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "422EC5FE-DA03-4C14-ADED-D6212BE074D5", "versionEndExcluding": "28.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28."}, {"lang": "es", "value": "Un car\u00e1cter de orden RTL Unicode en el nombre del archivo descargado puede ser usado para cambiar el nombre del archivo durante el flujo de la Interfaz de Usuario de descarga para cambiar la extensi\u00f3n del archivo. Esta vulnerabilidad afecta a Firefox para iOS versiones anteriores a 28"}], "id": "CVE-2020-15651", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-10T18:15:12.247", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1649160"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-34/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}