CVE-2024-3863 - OpenCVE

The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1885855
https://nvd.nist.gov/vuln/detail/CVE-2024-3863
https://www.cve.org/CVERecord?id=CVE-2024-3863
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3863
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3863
https://www.mozilla.org/security/advisories/mfsa2024-18/
https://www.mozilla.org/security/advisories/mfsa2024-19/
https://www.mozilla.org/security/advisories/mfsa2024-20/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2024-04-16T15:14:08.950Z

Updated: 2024-08-01T20:26:57.123Z

Reserved: 2024-04-15T20:27:02.136Z

Link: CVE-2024-3863

Vulnrichment

Updated: 2024-08-01T20:26:57.123Z

NVD

Status : Awaiting Analysis

Published: 2024-04-16T16:15:08.870

Modified: 2024-04-19T17:15:55.333

Link: CVE-2024-3863

Redhat

Severity : Moderate

Publid Date: 2024-04-16T00:00:00Z

Links: CVE-2024-3863 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-3863", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2024-04-15T20:27:02.136Z", "datePublished": "2024-04-16T15:14:08.950Z", "dateUpdated": "2024-08-01T20:26:57.123Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "125", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "115.10", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "115.10", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The executable file warning was not presented when downloading .xrm-ms files. \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "The executable file warning was not presented when downloading .xrm-ms files. <br>*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10."}]}], "problemTypes": [{"descriptions": [{"description": "Download Protections were bypassed by .xrm-ms files on Windows", "lang": "en", "type": "text"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-18/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-19/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-20/"}], "credits": [{"lang": "en", "value": "Eduardo Braun Prado working with Trend Micro Zero Day Initiative"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2024-06-21T18:16:01.262Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3863", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-07T15:24:10.512817Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:33:10.483Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:26:57.123Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:26:57.123Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3863", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-07T15:24:10.512817Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-07T15:24:13.505Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "value": "Eduardo Braun Prado working with Trend Micro Zero Day Initiative"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "125", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "115.10", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "115.10", "versionType": "custom"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-18/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-19/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-20/"}], "descriptions": [{"lang": "en", "value": "The executable file warning was not presented when downloading .xrm-ms files. \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.", "supportingMedia": [{"type": "text/html", "value": "The executable file warning was not presented when downloading .xrm-ms files. <br>*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Download Protections were bypassed by .xrm-ms files on Windows"}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2024-06-21T18:16:01.262Z"}}}, "cveMetadata": {"cveId": "CVE-2024-3863", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:26:57.123Z", "dateReserved": "2024-04-15T20:27:02.136Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2024-04-16T15:14:08.950Z", "assignerShortName": "mozilla"}, "dataVersion": "5.1"}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Eduardo Braun Prado working with Trend Micro Zero Day Initiative as the original reporter.", "bugzilla": {"description": "Mozilla: Download Protections were bypassed by .xrm-ms files on Windows", "id": "2275554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275554"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "draft"}, "cwe": "CWE-357", "details": ["The executable file warning was not presented when downloading .xrm-ms files. \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.", "The Mozilla Foundation Security Advisory describes this flaw as:\nThe executable file warning was not presented when downloading .xrm-ms files.\n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*"], "name": "CVE-2024-3863", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-3863\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-3863\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3863\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3863"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Moderate", "upstream_fix": "firefox 115.10, thunderbird 115.10"}