Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4023

Malware in sbrugna...

9.8CVSS9.2AI score0.02014EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2015/10/30 10:30 a.m.32 views

CVE-2007-4038

Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...

4.3CVSS8.2AI score0.29355EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.20 views

Mandriva Update for mozilla-firefox MDKSA-2007:152 (mozilla-firefox)

Check for the Version of mozilla-firefox OpenVAS Vulnerability Test Mandriva Update for mozilla-firefox MDKSA-2007:152 mozilla-firefox Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute ...

9.3CVSS0.29355EPSS
Exploits11References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-503-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.7AI score0.29355EPSS
Exploits6References2
Prion
Prion
added 2007/09/24 12:17 a.m.22 views

Design/Logic Flaw

Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link QTL file with an embed XML element and a qtnext parameter containing the...

9.3CVSS8.6AI score0.29355EPSS
Exploits4References10Affected Software2
Ubuntu
Ubuntu
added 2007/08/25 12:37 a.m.94 views

USN-503-1: Thunderbird vulnerabilities

Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious email, an attacker could execute arbitrary code with the user's privileges. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it...

9.3CVSS8.5AI score0.29355EPSS
Exploits6
Prion
Prion
added 2007/07/27 10:30 p.m.27 views

Cross site scripting

Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...

4.3CVSS8.7AI score0.29355EPSS
Exploits3References2
Prion
Prion
added 2007/07/27 10:30 p.m.48 views

Cross site scripting

Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...

4.3CVSS8.7AI score0.29355EPSS
Exploits3References4Affected Software2
NVD
NVD
added 2007/07/27 10:30 p.m.26 views

CVE-2007-4040

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...

8.8CVSS7.3AI score0.13472EPSS
Exploits0References2
Prion
Prion
added 2007/07/27 10:30 p.m.29 views

Design/Logic Flaw

Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte %00 and shell metacharacters in a 1 mailto, 2 nntp, 3 news, 4 snews, or 5 telnet URI, a similar issue to CVE-2007-3670...

7.5CVSS9.1AI score0.29355EPSS
Exploits3References2Affected Software2
Prion
Prion
added 2007/07/27 10:30 p.m.26 views

Design/Logic Flaw

Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte %00 and shell metacharacters in a 1 mailto, 2 nntp, 3 news, 4 snews, or 5 telnet URI, a similar issue to CVE-2007-3670...

6.8CVSS9.1AI score0.29355EPSS
Exploits3References6Affected Software2
NVD
NVD
added 2007/07/27 10:30 p.m.26 views

CVE-2007-4041

Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte %00 and shell metacharacters in a 1 mailto, 2 nntp, 3 news, 4 snews, or 5 telnet URI, a similar issue to CVE-2007-3670...

6.8CVSS7.8AI score0.19655EPSS
Exploits0References6
CVE
CVE
added 2007/07/27 10:0 p.m.65 views

CVE-2007-4039

Technical details for CVE-2007-4039 are not publicly provided in the connected documents. The initial description is the only source with general impact; monitor for updates from official advisories or vendor disclosures.

9.8CVSS8.2AI score0.02014EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2007/07/27 10:0 p.m.27 views

CVE-2007-4039

Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...

9.3AI score0.02014EPSS
Exploits0References2
CVE
CVE
added 2007/07/27 10:0 p.m.70 views

CVE-2007-4041

CVE-2007-4041 describes multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and Firefox 3.0alpha that allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in certain URI handlers (mailto, nntp, news, snews, telnet). The issue is a ...

6.8CVSS8.4AI score0.19655EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2007/07/24 5:30 p.m.22 views

CVE-2007-3954

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are...

4.3CVSS7.2AI score0.06673EPSS
Exploits3References2
Prion
Prion
added 2007/07/24 5:30 p.m.21 views

Cross site scripting

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are...

4.3CVSS8.6AI score0.29355EPSS
Exploits3References2
CVE
CVE
added 2007/07/24 5:0 p.m.61 views

CVE-2007-3954

Technical details for CVE-2007-3954 are not publicly available in the provided connected documents. The materials do not specify affected products, versions, impact, exploit status, or remediation. Monitor for updates and rely on official advisories for precise information.

4.3CVSS8AI score0.29355EPSS
Exploits3References2Affected Software2
Prion
Prion
added 2007/07/21 12:30 a.m.23 views

Cross site scripting

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the...

9.3CVSS8.6AI score0.29355EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2007/07/21 12:0 a.m.60 views

CVE-2007-3924

CVE-2007-3924 describes an argument-injection vulnerability in Internet Explorer when Netscape is installed and certain URIs are registered. The issue arises from IE not properly delimiting the URL argument when invoking Netscape, allowing remote attackers to perform cross-browser scripting and e...

9.3CVSS8AI score0.13631EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder