30/07/2025

ZDI-25-708: Mozilla Firefox Web Page Download Mark-Of-The-Web Protection Mechanism Failure Vulnerability

This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must perform a specific action on a malicious page. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-3863.

Comments are closed.

You may also like

ZDI-25-439: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-25-1070: TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability