CVE-2007-4042

Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:microsoft:windows_2003_server:*:sp2:datacenter_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:enterprise_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:standard_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:web_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:home_edition:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_edition:*:*:*:*:*
OR cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:9.0:*:*:*:*:*:*:*

History

23 Jul 2021, 15:04

Type Values Removed Values Added
CPE cpe:2.3:a:microsoft:ie:7:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

Information

Published : 2007-07-27 22:30

Updated : 2024-02-04 17:13


NVD link : CVE-2007-4042

Mitre link : CVE-2007-4042

CVE.ORG link : CVE-2007-4042


JSON object : View

Products Affected

microsoft

  • internet_explorer
  • windows_xp
  • windows_2003_server

netscape

  • navigator