Secunia
Login
|
|
CVE Reference: CVE-2007-4841 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4841 |
|
|
Description: Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845. |
|
|
CVE Status: Candidate |
|
|
References: SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.471007 SAID Secunia Advisory: SA27311 Secunia Advisory: SA27315 Secunia Advisory: SA27414 Secunia Advisory: SA27360 Secunia Advisory: SA28363 Secunia Advisory: SA28398 Secunia Advisory: SA27744 MISC http://xs-sniper.com/blog/2007/09/01/firefox-file-handling-woes/ MANDRIVA http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-36.html BID 25543 |
|
| Return to the previous page. |
