CVE-2007-3845 in Thunderbirdinfo

Zusammenfassung (Englisch)

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservieren

18.07.2007

Veröffentlichung

07.08.2007

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
38187	Mozilla Thunderbird Filetype erweiterte Rechte	269	Proof-of-Concept	Offizieller Fix	CVE-2007-3845

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

◂ ZurückÜbersichtWeiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!