Vulnerability Details : CVE-2005-1576
Potential exploit
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.
Products affected by CVE-2005-1576
- cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-1576
0.49%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 63 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-1576
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
2.6
|
LOW | AV:N/AC:H/Au:N/C:N/I:P/A:N |
4.9
|
2.9
|
NIST |
References for CVE-2005-1576
-
http://secunia.com/secunia_research/2004-11/advisory/
Exploit;Patch;Vendor Advisory
-
http://secunia.com/advisories/12979
Exploit;Patch;Vendor Advisory
-
http://www.osvdb.org/16432
Exploit;Vendor Advisory
Jump to