CVE-2024-9395

Summary

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 131.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 131affected

Weaknesses

  • Specially crafted filename could be used to obscure download type

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References