Lucene search
HistoryJul 27, 2007 - 10:30 p.m.
CVE-2007-4042
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.572
Percentile
97.7%
Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
Affected configurations
Node
microsoftwindows_2003_serversp2datacenter_edition
ORmicrosoftwindows_2003_serversp2enterprise_edition
ORmicrosoftwindows_2003_serversp2standard_edition
ORmicrosoftwindows_2003_serversp2web_edition
ORmicrosoftwindows_xpsp2home_edition
ORmicrosoftwindows_xpsp2professional_edition
microsoftinternet_explorerMatch7
ORnetscapenavigatorMatch9.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:datacenter_edition:*:*:*:*:* |
| microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:enterprise_edition:*:*:*:*:* |
| microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:standard_edition:*:*:*:*:* |
| microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:web_edition:*:*:*:*:* |
| microsoft | windows_xp | * | cpe:2.3:o:microsoft:windows_xp:*:sp2:home_edition:*:*:*:*:* |
| microsoft | windows_xp | * | cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_edition:*:*:*:*:* |
| microsoft | internet_explorer | 7 | cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:* |
| netscape | navigator | 9.0 | cpe:2.3:a:netscape:navigator:9.0:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2007-07-27 22:30:00
Cross site scripting
2007-07-10 19:30:00
Cross site scripting
2007-07-27 22:30:00
cve
cve
cvelist
cvelist
ubuntucve
ubuntucve
cert
cert
Mozilla Firefox URL protocol handling vulnerability
2007-07-11 00:00:00
mozilla
mozilla
Remote code execution by launching Firefox from Internet Explorer — Mozilla
2007-07-17 00:00:00
Upgraded Thunderbird 1.5.0.13 missing fix for MFSA 2007-23 — Mozilla
2007-12-19 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2007-23
2007-07-19 00:00:00
iDefense Security Advisory 07.19.07: Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability
2007-07-19 00:00:00
Microsoft Internet Explorer 0-day vulnerability
2007-07-19 00:00:00
nessus
nessus
Google Chrome < 1.0.154.48 Cross-browser Command Execution
2009-02-16 00:00:00
SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 3932)
2007-12-13 00:00:00
nvd
nvd
chrome
chrome
Stable and Beta Update: Incognito Mode Fix
2009-02-03 00:00:00
exploitdb
exploitdb
EA Origin < 10.5.38 - Remote Code Execution
2019-06-21 00:00:00
redhatcve
redhatcve
myhack58
myhack58
openvas
openvas
Ubuntu Update for mozilla-thunderbird vulnerabilities USN-503-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-503-1)
2009-03-23 00:00:00
SuSE Update for MozillaFirefox,MozillaThunderbird,Seamonkey SUSE-SA:2007:049
2009-01-28 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2007-08-25 00:00:00
zdt
zdt
EA Origin < 10.5.38 - Remote Code Execution Vulnerability
2019-06-22 00:00:00
exploitpack
exploitpack
EA Origin 10.5.38 - Remote Code Execution
2019-06-21 00:00:00
packetstorm
packetstorm
EA Origin Remote Code Execution
2019-06-21 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2007-08-02 16:31:06
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
rosalinux
rosalinux
Advisory ROSA-SA-2024-2370
2024-03-12 08:35:15
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.572
Percentile
97.7%
Related for NVD:CVE-2007-4042