2 matches found
URIs with invalid %-encoding mishandled by Windows — Mozilla
On Windows XP with Internet Explorer 7 installed several "web related" URI schemes do not launch the registered protocol-handler if the URI contains an invalid %-encoded sequence. This was initially reported by Billy Rios and Nate McFeters with additional investigation by Secunia. A patch that...
PT-2007-5080 · Mozilla +1 · Firefox +3
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 2.0.0.6 Thunderbird versions prior to 1.5.0.13 and 2.x prior to 2.0.0.6 SeaMonkey versions prior to 1.1.4 Description: The issue allows remote attackers to execute arbitrary commands via certain vectors...