DescriptionMozilla Firefox before 22.214.171.124, Thunderbird before 126.96.36.199, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SA:2007:057, published Thu, 25 Oct 2007 18:00:00 +0000