Improper Access Restriction in Mozilla Firefox and Thunderbird on Mac OS X

Improper Access Restriction in Mozilla Firefox and Thunderbird on Mac OS X

CVE-2011-3666 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files to be executable files, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted file. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-2372 on Mac OS X.

Learn more about our User Device Pen Test.