



From: MOZILLA
Date: 28.10.2009
Subject: Mozilla Foundation Security Advisory 2009-62

Mozilla Foundation Security Advisory 2009-62

Title: Download filename spoofing with RTL override
Impact: Low
Announced: October 27, 2009
Reporter: Jesse Ruderman, Sid Stamm
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.5.4, Firefox 3.0.15, SeaMonkey 2.0

Description

Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file.
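
A defender-side check for the condition described above, as an added example that is not part of the Mozilla advisory or of Firefox's fix: it flags bidirectional control characters in a proposed download filename and reports the extension taken from the stored (logical) character order. The function names, the set of characters checked and the sample filename are assumptions made for this example, and the rendering helper is a simplified model, not the full Unicode bidirectional algorithm.

```python
import os
import unicodedata

RLO, PDF = "\u202e", "\u202c"   # RIGHT-TO-LEFT OVERRIDE, POP DIRECTIONAL FORMATTING

# Bidirectional formatting controls that can change how a name is drawn.
BIDI_CONTROLS = {
    "\u200e", "\u200f",                                # LRM, RLM
    "\u202a", "\u202b", PDF, "\u202d", RLO,            # LRE, RLE, PDF, LRO, RLO
    "\u2066", "\u2067", "\u2068", "\u2069",            # LRI, RLI, FSI, PDI
}

def approx_rendered(name):
    """Simplified model: text after an RLO is drawn reversed until PDF or end."""
    out, i = [], 0
    while i < len(name):
        if name[i] == RLO:
            end = name.find(PDF, i + 1)
            end = len(name) if end == -1 else end
            out.append(name[i + 1:end][::-1])
            i = end + 1
        else:
            out.append(name[i])
            i += 1
    return "".join(out)

def inspect_download_name(name):
    """Report bidi controls in a filename and the extension the OS will act on."""
    controls = [(i, unicodedata.name(ch))
                for i, ch in enumerate(name) if ch in BIDI_CONTROLS]
    # Removing the controls gives a name that is drawn in its stored order.
    safe_display = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    return {
        "suspicious": bool(controls),
        "controls": controls,
        "approx_rendered": approx_rendered(name),
        "safe_display": safe_display,
        # File type handling follows the stored order, not the drawn order.
        "real_extension": os.path.splitext(safe_display)[1].lower(),
    }

if __name__ == "__main__":
    # Constructed sample names, not taken from the advisory.
    for sample in ("report\u202etxt.exe", "notes.txt"):
        print(inspect_download_name(sample))
```

A download prompt or mail gateway can use the `suspicious` flag to warn or block, and show `safe_display` together with `real_extension` in place of the raw name.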

References

   * https://bugzilla.mozilla.org/show_bug.cgi?id=511521
   * CVE-2009-3376
