Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR 64-bit

Download Firefox ESR 32-bit

Download a different build

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR
Firefox Privacy Notice
Get Mozilla VPN

Mozilla Foundation Security Advisory 2023-28

Security Vulnerabilities fixed in Thunderbird 102.13.1

Announced
July 4, 2023
Impact
high
Products
Thunderbird
Fixed in
  • Thunderbird 102.13.1

#CVE-2023-3417: File Extension Spoofing using the Text Direction Override Character

Reporter
이준성 (Junsung Lee)
Impact
moderate
Description

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension.

References