NVD

Id
56952  
Name
CVE-2007-4841  
Description
Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-09-12  
Modified Date
2011-09-21  
Seq
2007-4841  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
290693 56952 CVE-2007-4841 SSRT061181  View
290694 56952 CVE-2007-4841 HPSBUX02156  View
290695 56952 CVE-2007-4841 SSA:2007-324-01  View
290696 56952 CVE-2007-4841 MDKSA-2007:202  View
290697 56952 CVE-2007-4841 http://www.mozilla.org/security/announce/2007/mfsa2007-36.html  View
290698 56952 CVE-2007-4841 25543  View
290699 56952 CVE-2007-4841 ADV-2007-3544  View
290700 56952 CVE-2007-4841 ADV-2008-0082  View
290701 56952 CVE-2007-4841 ADV-2008-0083  View
290702 56952 CVE-2007-4841 http://xs-sniper.com/blog/2007/09/01/firefox-file-handling-woes/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52200 JVNDB-2007-000890 Mozilla 製品における任意のコマンドが実行される脆弱性 Internet Explorer 7 がインストールされている Windows XP の環境化において、Web 関連 URI スキーマに不正な % エンコードの配列が含まれている際に、登録されたプロトコルハンドラが起動しない脆弱性が存在します。 CVE-2007-4841 28196 CVE-2007-4841 56952 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000890.html 2007-09-12 2007-12-10 View