Security Advisory

CVE-2006-2057

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-04-26 20:00:00

Last updated 2024-08-07 17:35:31

Assigner mitre

State PUBLISHED

Description

Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API.

← Browse all CVEs View on cve.org ↗