53 matches found
Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24837/info Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and 'navigatorurl' protocol handlers. Exploiting the...
Google Chrome < 1.0.154.48 Cross-browser Command Execution
The version of Google Chrome installed on the remote host is earlier than 1.0.154.48. Such versions are reportedly affected by a protocol- handler command-injection vulnerability that could allow an attacker to carry out cross-browser scripting attacks. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2007-4039
Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...
Cross site scripting
Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...
CVE-2007-4038
Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...
Cross site scripting
Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...
CVE-2007-4038
Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...
CVE-2007-4040
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...
CVE-2007-4039
Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...
CVE-2007-4039
Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...
CVE-2007-4040
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...
CVE-2007-4039
Technical details for CVE-2007-4039 are not publicly provided in the connected documents. The initial description is the only source with general impact; monitor for updates from official advisories or vendor disclosures.
CVE-2007-4038
Technical details for CVE-2007-4038 are not present in the provided Connected documents. The initial description mentions a mailto: argument-injection issue in Firefox/Thunderbird but lacks product/version/patch specifics. Monitor for updates.
CVE-2007-4040
Technical details for CVE-2007-4040 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2007-4040
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...
CVE-2007-4038
Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...
Cross site scripting
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are...
CVE-2007-3954
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are...
CVE-2007-3954
Technical details for CVE-2007-3954 are not publicly available in the provided connected documents. The materials do not specify affected products, versions, impact, exploit status, or remediation. Monitor for updates and rely on official advisories for precise information.
Cross site scripting
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the...