CVE-2007-3845

HIGH

Description

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."

References

http://bugzilla.mozilla.org/show_bug.cgi?id=389580

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

http://secunia.com/advisories/26234

http://secunia.com/advisories/26258

http://secunia.com/advisories/26303

http://secunia.com/advisories/26309

http://secunia.com/advisories/26331

http://secunia.com/advisories/26335

http://secunia.com/advisories/26393

http://secunia.com/advisories/26572

http://secunia.com/advisories/27326

http://secunia.com/advisories/27414

http://secunia.com/advisories/28135

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

http://www.debian.org/security/2007/dsa-1344

http://www.debian.org/security/2007/dsa-1345

http://www.debian.org/security/2007/dsa-1346

http://www.debian.org/security/2007/dsa-1391

http://www.mandriva.com/security/advisories?name=MDKSA-2007:152

http://www.mandriva.com/security/advisories?name=MDVSA-2007:047

http://www.mandriva.com/security/advisories?name=MDVSA-2008:047

http://www.mozilla.org/security/announce/2007/mfsa2007-27.html

http://www.securityfocus.com/archive/1/475265/100/200/threaded

http://www.securityfocus.com/archive/1/475450/30/5550/threaded

http://www.securityfocus.com/bid/25053

http://www.ubuntu.com/usn/usn-493-1

http://www.ubuntu.com/usn/usn-503-1

http://www.vupen.com/english/advisories/2007/4256

http://www.vupen.com/english/advisories/2008/0082

https://bugzilla.mozilla.org/show_bug.cgi?id=389106

https://issues.rpath.com/browse/RPL-1600

Details

Source: MITRE

Published: 2007-08-08

Updated: 2018-10-15

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH