Vulnerability Name: CVE-2007-4841 (CCN-38323) Assigned: 2007-09-01 Published: 2007-09-01 Updated: 2019-10-09 Summary: Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845 . CVSS v3 Severity: 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 7.6 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:TF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C 6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:TF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): HighAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-20 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2007-4841 SSRT061181 HPSBUX02156 Mozilla Firefox Multiple Vulnerabilities 27311 Mozilla SeaMonkey Multiple Vulnerabilities 27315 Warpzilla Enhanced Multiple Vulnerabilities Netscape Multiple Vulnerabilities 27360 27414 27744 28363 28398 SSA:2007-324-01 MDKSA-2007:202 URIs with invalid %-encoding mishandled by Windows http://www.mozilla.org/security/announce/2007/mfsa2007-36.html 25543 Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability ADV-2007-3544 ADV-2008-0082 ADV-2008-0083 Firefox File Handling Woes http://xs-sniper.com/blog/2007/09/01/firefox-file-handling-woes/ mozilla-uri-percent-command-execution(38323) Mozilla Security Update Vulnerable Configuration: Configuration 1 :cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 2.0.0.8)OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version <= 1.1.5) OR cpe:/a:mozilla:thunderbird:*:*:*:*:*:*:*:* (Version <= 2.0.0.8) Configuration CCN 1 :cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:* OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:* OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:* OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:* OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:* OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:* OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:* OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:* OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:* OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:* OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:* OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:* OR cpe:/a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:* AND cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:* OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:* OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:* OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:* OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:* Oval Definitions BACK
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox 2.0
mozilla firefox 2.0.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.5
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.6
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.3
mozilla thunderbird 2.0.0.2
mozilla thunderbird 2.0.0.1
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.1
mozilla firefox 2.0.0.7
mozilla thunderbird 2.0.0.6
mozilla thunderbird 2.0.0.7
mozilla seamonkey 1.1.4
mozilla thunderbird 2.0.0.0
mandrakesoft mandrake linux corporate server 3.0
novell linux desktop 9
novell open enterprise server *
novell suse linux enterprise server 10 sp2
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 3.0
turbolinux turbolinux fuji
mandrakesoft mandrake linux 2007.1
mandrakesoft mandrake linux 2008.0
mandrakesoft mandrake linux 2008.0
mandrakesoft mandrake linux 2007.1
novell open enterprise server *
novell opensuse 10.2
novell opensuse 10.3
Denotes that component is vulnerable