Unrated severityNVD Advisory· Published May 12, 2005· Updated Apr 16, 2026

CVE-2005-1576

Description

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.

Affected products

Mozilla Corporation/Firefox3 versions
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- (no CPE)range: <= 1.0

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/12979nvdExploitPatchVendor Advisory
secunia.com/secunia_research/2004-11/advisory/nvdExploitPatchVendor Advisory
www.osvdb.org/16432nvdExploitVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000