CVE-2004-2227

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions.

Affected (8)

Products: Mozilla: Firefox

1 product

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 0.10.1
Mozilla Firefox	Version 0.10
Mozilla Firefox	Version 0.8
Mozilla Firefox	Version 0.9.1
Mozilla Firefox	Version 0.9.2
Mozilla Firefox	Version 0.9.3
Mozilla Firefox	Version 0.9
Mozilla Firefox	Version 0.9 rc

References (12)

http://secunia.com/advisories/13144

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/13724

Source: cve@mitre.org

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200501-03.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/11591

Source: cve@mitre.org

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=234416

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/18016

Source: cve@mitre.org

http://secunia.com/advisories/13144

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/13724

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200501-03.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/11591

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=234416

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/18016

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.