JVN/CVE Demo: Nvdinfos

NVD

Id: 55989
Name: CVE-2007-3845
Description: Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."
Reject
CVSS Version: 2
CVSS Score: 9.3
Severity: High
CVSS Base Score: 9.3
CVSS Impact Subscore: 10
CVSS Exploit Subscore: 8.6
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Pub Date: 2017-01-07
Published: 2007-08-07
Modified Date: 2011-03-07
Seq: 2007-3845

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
284860	55989	CVE-2007-3845	http://bugzilla.mozilla.org/show_bug.cgi?id=389580	View
284861	55989	CVE-2007-3845	HPSBUX02153	View
284862	55989	CVE-2007-3845	HPSBUX02156	View
284863	55989	CVE-2007-3845	SSA:2007-213-01	View
284864	55989	CVE-2007-3845	103177	View
284865	55989	CVE-2007-3845	201516	View
284866	55989	CVE-2007-3845	DSA-1344	View
284867	55989	CVE-2007-3845	DSA-1345	View
284868	55989	CVE-2007-3845	DSA-1346	View
284869	55989	CVE-2007-3845	DSA-1391	View
284870	55989	CVE-2007-3845	MDKSA-2007:152	View
284871	55989	CVE-2007-3845	MDVSA-2007:047	View
284872	55989	CVE-2007-3845	MDVSA-2008:047	View
284873	55989	CVE-2007-3845	http://www.mozilla.org/security/announce/2007/mfsa2007-27.html	View
284874	55989	CVE-2007-3845	20070801 FLEA-2007-0039-1 firefox	View
284875	55989	CVE-2007-3845	20070803 FLEA-2007-0040-1 thunderbird	View
284876	55989	CVE-2007-3845	25053	View
284877	55989	CVE-2007-3845	USN-493-1	View
284878	55989	CVE-2007-3845	USN-503-1	View
284879	55989	CVE-2007-3845	ADV-2007-4256	View
284880	55989	CVE-2007-3845	ADV-2008-0082	View
284881	55989	CVE-2007-3845	https://bugzilla.mozilla.org/show_bug.cgi?id=389106	View
284882	55989	CVE-2007-3845	https://issues.rpath.com/browse/RPL-1600	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
51928	JVNDB-2007-000591	Mozilla 製品におけるエスケープされていない URI が外部プログラムに渡される脆弱性	Internet Explorer 7 がインストールされている Windows XP の環境化において、Mozilla 製品には、外部ハンドラに渡される URI の処理に不備があり、プロトコルハンドラに登録されたファイルだけではなく、エスケープされていない URI の終端におけるファイル拡張子をベースとしたプログラムを実行される脆弱性が存在します。	CVE-2007-3845	27200	CVE-2007-3845	55989	9.3		http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000591.html	2007-07-25	2008-01-11	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.48 MB
Controller render start	2.29 MB
View render complete	13.07 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.64
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	249.47
Event: Controller.beforeRender	4.58
» Processing toolbar data	4.48
Rendering View	438.30
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	431.66
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	4.84
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	3.27
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/55989
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/55989
Remote Port	11368
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.133.128.223
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.133.128.223
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.133.128.223
Unique Id	aBNjSfF7dHEcwsFw9Q8VsQAAAE8
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.133.128.223
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.133.128.223
Redirect Unique Id	aBNjSfF7dHEcwsFw9Q8VsQAAAE8
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.133.128.223
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.133.128.223
Redirect Redirect Unique Id	aBNjSfF7dHEcwsFw9Q8VsQAAAE8
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746101065.9205
Request Time	1746101065

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files