Red Hat Bugzilla – Bug 479057
/etc/mailcap unsafe xdg-open usage
Last modified: 2009-01-06 15:27:52 EST
The following issue was reported to us from Manuel Reimer:
The basic summary, is that xdg-open detects the file mime type, and Firefox gets its mime type from the server. That means that a malicious site could trick a user into thinking they are downloading a PDF file, but could be treated differently by xdg-open.
*** This bug has been marked as a duplicate of bug 479010 ***