Vulnerabilities

CVE-2007-4841

by Fred · 12/09/2007

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.

Date published : 2007-09-12

http://www.securityfocus.com/bid/25543

http://www.mozilla.org/security/announce/2007/mfsa2007-36.html

Similar

Tags: Cybersecurity Alert