9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.965 High
EPSS
Percentile
99.6%
Jesper Johansson pointed out that Mozilla did not percent-encode spaces and double-quotes in URIs handed off to external programs for handling, which can cause the receiving program to mistakenly interpret a single URI as multiple arguments. The danger depends on the arguments supported by the specific receiving program, though at the very least we know Firefox (and Thunderbird) 2.0.0.4 and older could be used to run arbitrary script (see MFSA 2007-23). The vast majority of programs do not have dangerous arguments, though many could still be made to do something unexpected.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 2.0.0.6 | |
seamonkey | lt | 1.1.4 | |
thunderbird | lt | 1.5.0.13 | |
thunderbird | lt | 2.0.0.6 |
msinfluentials.com/blogs/jesper/archive/2007/07/20/hey-mozilla-quotes-are-not-legal-in-a-url.aspx
nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3845
secunia.com/advisories/26201/
www.kb.cert.org/vuls/id/403150
www.kb.cert.org/vuls/id/783400
bugzilla.mozilla.org/show_bug.cgi?id=389106
bugzilla.mozilla.org/show_bug.cgi?id=389580
mfsa2007-23.html