漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents
漏洞信息
jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8.
漏洞信息
N/A
漏洞
N/A
漏洞
Mozilla多款产品 安全漏洞
漏洞信息
Mozilla Firefox等都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。 Mozilla多款产品存在安全漏洞,该漏洞源于文件类型伪装。以下产品及版本受到影响:Firefox 136之前版本、Firefox ESR 128.8之前版本、Thund
漏洞信息
N/A
漏洞
N/A