CVE-2007-3845

Critical

Description

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."

References

https://issues.rpath.com/browse/RPL-1600

https://bugzilla.mozilla.org/show_bug.cgi?id=389106

http://www.vupen.com/english/advisories/2008/0082

http://www.vupen.com/english/advisories/2007/4256

http://www.ubuntu.com/usn/usn-503-1

http://www.ubuntu.com/usn/usn-493-1

http://www.securityfocus.com/bid/25053

http://www.securityfocus.com/archive/1/475450/30/5550/threaded

http://www.securityfocus.com/archive/1/475265/100/200/threaded

http://www.mozilla.org/security/announce/2007/mfsa2007-27.html

http://www.mandriva.com/security/advisories?name=MDVSA-2008:047

http://www.mandriva.com/security/advisories?name=MDVSA-2007:047

http://www.mandriva.com/security/advisories?name=MDKSA-2007:152

http://www.debian.org/security/2007/dsa-1391

http://www.debian.org/security/2007/dsa-1346

http://www.debian.org/security/2007/dsa-1345

http://www.debian.org/security/2007/dsa-1344

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101

http://secunia.com/advisories/28135

http://secunia.com/advisories/27414

http://secunia.com/advisories/27326

http://secunia.com/advisories/26572

http://secunia.com/advisories/26393

http://secunia.com/advisories/26335

http://secunia.com/advisories/26331

http://secunia.com/advisories/26309

http://secunia.com/advisories/26303

http://secunia.com/advisories/26258

http://secunia.com/advisories/26234

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

http://bugzilla.mozilla.org/show_bug.cgi?id=389580

Details

Source: Mitre, NVD

Published: 2007-08-08

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical