23 matches found
EUVD-2007-4023
Malware in sbrugna...
CVE-2007-4038
Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...
Mandriva Update for mozilla-firefox MDKSA-2007:152 (mozilla-firefox)
Check for the Version of mozilla-firefox OpenVAS Vulnerability Test Mandriva Update for mozilla-firefox MDKSA-2007:152 mozilla-firefox Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute ...
Ubuntu: Security Advisory (USN-503-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link QTL file with an embed XML element and a qtnext parameter containing the...
USN-503-1: Thunderbird vulnerabilities
Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious email, an attacker could execute arbitrary code with the user's privileges. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it...
Cross site scripting
Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...
Cross site scripting
Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...
CVE-2007-4040
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...
Design/Logic Flaw
Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte %00 and shell metacharacters in a 1 mailto, 2 nntp, 3 news, 4 snews, or 5 telnet URI, a similar issue to CVE-2007-3670...
Design/Logic Flaw
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte %00 and shell metacharacters in a 1 mailto, 2 nntp, 3 news, 4 snews, or 5 telnet URI, a similar issue to CVE-2007-3670...
CVE-2007-4041
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte %00 and shell metacharacters in a 1 mailto, 2 nntp, 3 news, 4 snews, or 5 telnet URI, a similar issue to CVE-2007-3670...
CVE-2007-4039
Technical details for CVE-2007-4039 are not publicly provided in the connected documents. The initial description is the only source with general impact; monitor for updates from official advisories or vendor disclosures.
CVE-2007-4039
Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...
CVE-2007-4041
CVE-2007-4041 describes multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and Firefox 3.0alpha that allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in certain URI handlers (mailto, nntp, news, snews, telnet). The issue is a ...
CVE-2007-3954
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are...
Cross site scripting
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are...
CVE-2007-3954
Technical details for CVE-2007-3954 are not publicly available in the provided connected documents. The materials do not specify affected products, versions, impact, exploit status, or remediation. Monitor for updates and rely on official advisories for precise information.
Cross site scripting
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the...
CVE-2007-3924
CVE-2007-3924 describes an argument-injection vulnerability in Internet Explorer when Netscape is installed and certain URIs are registered. The issue arises from IE not properly delimiting the URL argument when invoking Netscape, allowing remote attackers to perform cross-browser scripting and e...