CRITICAL 9.8 Publié le 2024-11-26

CVE-2024-11693

EN The executable file warning was not presented when downloading .library-ms files.
*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS 0.4% percentile 60.4%

Apps suivies affectées

Thunderbird

winget:Mozilla.Thunderbird

1 ouverte

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
mozilla	thunderbird	Windows	<128.5.0	cpe:2.3:a:mozilla:thunderbird::::::::
mozilla	thunderbird	Windows	≥129.0 <133.0	cpe:2.3:a:mozilla:thunderbird::::::::

Voir sur NVD ↗