DescriptionMozilla Firefox before 188.8.131.52, Thunderbird before 184.108.40.206, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2007:057, published Thu, 25 Oct 2007 18:00:00 +0000
SUSE Timeline for this CVECVE page created: Tue Jul 9 16:04:43 2013
CVE page last modified: Fri Dec 8 16:22:32 2023