CVE-2007-4041

Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:microsoft:windows_2003_server:*:sp2:datacenter_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:enterprise_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:web_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:standard_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:home_edition:*:*:*:*:*
OR cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*

Information

Published : 2007-07-27 15:30

Updated : 2021-07-23 08:04


NVD link : CVE-2007-4041

Mitre link : CVE-2007-4041


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows_xp
  • windows_2003_server
  • internet_explorer

mozilla

  • firefox