CVE-2007-4841
Priority
Low
Description
Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey
before 1.1.5 allows remote attackers to execute arbitrary commands via a
(1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding,
related to improper file type handling on Windows XP with Internet Explorer
7 installed, a variant of CVE-2007-3845.
before 1.1.5 allows remote attackers to execute arbitrary commands via a
(1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding,
related to improper file type handling on Windows XP with Internet Explorer
7 installed, a variant of CVE-2007-3845.
References
Notes
jdstrand> unspecified vulnerability
kees> Windows-only.
kees> Windows-only.
Package
| Upstream: | released (2.0.0.8) |
| Ubuntu 8.04 LTS (Hardy Heron): | not-affected |