CVE

Id
26642  
CVE No.
CVE-2007-3285  
Status
Candidate  
Description
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would.  
Phase
Assigned (20070620)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
270609 26642 CVE-2007-3285 MISC:http://www.0x000000.com/?i=333  View
270610 26642 CVE-2007-3285 MISC:https://bugzilla.mozilla.org/show_bug.cgi?id=383478  View
270611 26642 CVE-2007-3285 CONFIRM:http://www.mozilla.org/security/announce/2007/mfsa2007-22.html  View
270612 26642 CVE-2007-3285 CONFIRM:ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt  View
270613 26642 CVE-2007-3285 CONFIRM:http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html  View
270614 26642 CVE-2007-3285 HP:HPSBUX02153  View
270615 26642 CVE-2007-3285 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742  View
270616 26642 CVE-2007-3285 HP:SSRT061181  View
270617 26642 CVE-2007-3285 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742  View
270618 26642 CVE-2007-3285 MANDRIVA:MDKSA-2007:152  View
270619 26642 CVE-2007-3285 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:152  View
270620 26642 CVE-2007-3285 SUNALERT:103177  View
270621 26642 CVE-2007-3285 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1  View
270622 26642 CVE-2007-3285 SUNALERT:201516  View
270623 26642 CVE-2007-3285 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1  View
270624 26642 CVE-2007-3285 SUSE:SUSE-SA:2007:049  View
270625 26642 CVE-2007-3285 URL:http://www.novell.com/linux/security/advisories/2007_49_mozilla.html  View
270626 26642 CVE-2007-3285 UBUNTU:USN-490-1  View
270627 26642 CVE-2007-3285 URL:http://www.ubuntu.com/usn/usn-490-1  View
270628 26642 CVE-2007-3285 BID:24447  View
270629 26642 CVE-2007-3285 URL:http://www.securityfocus.com/bid/24447  View
270630 26642 CVE-2007-3285 VUPEN:ADV-2007-4256  View
270631 26642 CVE-2007-3285 URL:http://www.vupen.com/english/advisories/2007/4256  View
270632 26642 CVE-2007-3285 OSVDB:38032  View
270633 26642 CVE-2007-3285 URL:http://osvdb.org/38032  View
270634 26642 CVE-2007-3285 SECTRACK:1018413  View
270635 26642 CVE-2007-3285 URL:http://www.securitytracker.com/id?1018413  View
270636 26642 CVE-2007-3285 SECUNIA:26149  View
270637 26642 CVE-2007-3285 URL:http://secunia.com/advisories/26149  View
270638 26642 CVE-2007-3285 SECUNIA:26072  View
270639 26642 CVE-2007-3285 URL:http://secunia.com/advisories/26072  View
270640 26642 CVE-2007-3285 SECUNIA:26216  View
270641 26642 CVE-2007-3285 URL:http://secunia.com/advisories/26216  View
270642 26642 CVE-2007-3285 SECUNIA:26204  View
270643 26642 CVE-2007-3285 URL:http://secunia.com/advisories/26204  View
270644 26642 CVE-2007-3285 SECUNIA:26271  View
270645 26642 CVE-2007-3285 URL:http://secunia.com/advisories/26271  View
270646 26642 CVE-2007-3285 SECUNIA:26258  View
270647 26642 CVE-2007-3285 URL:http://secunia.com/advisories/26258  View
270648 26642 CVE-2007-3285 SECUNIA:28135  View

Related JVN