CVE-2007-3845

NONECVSS 0.0

0.0

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."

🔗 References (68)

secalert@redhathttp://bugzilla.mozilla.org/show_bug.cgi?id=389580
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
secalert@redhathttp://secunia.com/advisories/26234
secalert@redhathttp://secunia.com/advisories/26258
secalert@redhathttp://secunia.com/advisories/26303
secalert@redhathttp://secunia.com/advisories/26309
secalert@redhathttp://secunia.com/advisories/26331
secalert@redhathttp://secunia.com/advisories/26335
secalert@redhathttp://secunia.com/advisories/26393
secalert@redhathttp://secunia.com/advisories/26572
secalert@redhathttp://secunia.com/advisories/27326
secalert@redhathttp://secunia.com/advisories/27414
secalert@redhathttp://secunia.com/advisories/28135
secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101

Is Your Infrastructure Affected by CVE-2007-3845?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-3845

📅 Published

🔄 Last Modified

🔗 References (68)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-3845?