CVE-2007-4841

CVE-2007-4841 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.

Learn more about our Web Application Penetration Testing UK.