First published: Fri Jul 27 2007(Updated: )
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 2003 Server | =sp2 | |
Microsoft Windows 2003 Server | =sp2 | |
Microsoft Windows 2003 Server | =sp2 | |
Microsoft Windows 2003 Server | =sp2 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | =sp2 | |
Microsoft Internet Explorer | =7 | |
Mozilla Firefox | =2.0.0.5 | |
Mozilla Firefox | =3.0-alpha |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.