Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN868
_____________________________________________________________________

DATE                : 17/12/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Firefox for iOS versions prior
                                         to 144.0.

=====================================================================
https://www.mozilla.org/en-US/security/advisories/mfsa2025-97/
_____________________________________________________________________


Mozilla Foundation Security Advisory 2025-97
Security Vulnerabilities fixed in Firefox for iOS 144.0

Announced
    December 15, 2025
Impact
    low
Products
    Firefox for iOS
Fixed in

        Firefox for iOS 144

Firefox for iOS 144 was released October 12th, 2025 and the fix for
CVE-2025-14744 was included in the original release; but this
advisory was not published until December 16, 2025 because it was
not recognized at the time.


#CVE-2025-14744: Filename spoofing via Unicode Right-to-Left Override
in Firefox for iOS

Reporter
    Azril
Impact
    low

Description

Unicode RTLO characters could allow malicious websites to spoof
filenames in the downloads UI for Firefox for iOS, potentially
tricking users into saving files of an unexpected file type


References

    Bug 1984683



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================