5 matches found
Mozilla: External protocol handler parameters were unescaped
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
DEBIAN-CVE-2021-43541
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
Mozilla Firefox 权限许可和访问控制问题漏洞
Mozilla Firefox, an open source Web browser from the Mozilla Foundation, is vulnerable to an input validation error in Mozilla Firefox ESR that results from a parameter URL containing spaces that is not properly escaped when invoking a protocol handler for an external protocol. A remote attacker...
Mozilla Firefox ESR 安全漏洞
Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR that stems from. A supplied parameter URL containing spaces is not properly escaped when invoking a protocol handler f...
Squirrelmail Remote Code Execution Vulnerability
SquirrelMail is a PHP-based WEB mail service program . A remote code execution vulnerability exists in DeliverSendMail.class.php in the initStream function of Squirrelmail, due to escapeshellcmd not escaping space characters. An attacker could use the vulnerability to execute arbitrary code over...