Arbitrary Program Execution via shell: URI Protocol in Mozilla, Firefox, and Thunderbird

Arbitrary Program Execution via shell: URI Protocol in Mozilla, Firefox, and Thunderbird

CVE-2004-0648 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.

Learn more about our Web Application Penetration Testing UK.