Vulnerabilities > CVE-2023-4054 - Unspecified vulnerability in Mozilla Firefox

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
local
low complexity
mozilla

Summary

When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.

Vulnerable Configurations

Part Description Count
Application
Mozilla
953
OS
Microsoft
1