Security Advisory

CVE-2007-4038

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-07-27 22:00:00

Last updated 2024-08-07 14:37:06

Assigner mitre

State PUBLISHED

Description

Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are inserted into the command line that is created when invoking Thunderbird.exe, a similar issue to CVE-2007-3670.

← Browse all CVEs View on cve.org ↗