CVE-2007-4841

Priority
Low
Description
Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey
before 1.1.5 allows remote attackers to execute arbitrary commands via a
(1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding,
related to improper file type handling on Windows XP with Internet Explorer
7 installed, a variant of CVE-2007-3845.
References
Notes
jdstrand> unspecified vulnerability
kees> Windows-only.
Package
Upstream:released (2.0.0.8)
Ubuntu 8.04 LTS (Hardy Heron):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:12 UTC (commit 5347)