6.8

CVE-2007-3285

Exploit
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version <= 2.0.0.4
   MicrosoftWindows
MozillaFirefox Version0.8
   MicrosoftWindows
MozillaFirefox Version0.9
   MicrosoftWindows
MozillaFirefox Version0.9.1
   MicrosoftWindows
MozillaFirefox Version0.9.2
   MicrosoftWindows
MozillaFirefox Version0.9.3
   MicrosoftWindows
MozillaFirefox Version0.10
   MicrosoftWindows
MozillaFirefox Version0.10.1
   MicrosoftWindows
MozillaFirefox Version1.0
   MicrosoftWindows
MozillaFirefox Version1.0.1
   MicrosoftWindows
MozillaFirefox Version1.0.2
   MicrosoftWindows
MozillaFirefox Version1.0.3
   MicrosoftWindows
MozillaFirefox Version1.0.4
   MicrosoftWindows
MozillaFirefox Version1.0.5
   MicrosoftWindows
MozillaFirefox Version1.0.6
   MicrosoftWindows
MozillaFirefox Version1.0.7
   MicrosoftWindows
MozillaFirefox Version1.0.8
   MicrosoftWindows
MozillaFirefox Version1.5
   MicrosoftWindows
MozillaFirefox Version1.5.0.1
   MicrosoftWindows
MozillaFirefox Version1.5.0.2
   MicrosoftWindows
MozillaFirefox Version1.5.0.3
   MicrosoftWindows
MozillaFirefox Version1.5.0.4
   MicrosoftWindows
MozillaFirefox Version1.5.0.5
   MicrosoftWindows
MozillaFirefox Version1.5.0.6
   MicrosoftWindows
MozillaFirefox Version1.5.0.7
   MicrosoftWindows
MozillaFirefox Version1.5.0.8
   MicrosoftWindows
MozillaFirefox Version1.5.0.9
   MicrosoftWindows
MozillaFirefox Version1.5.0.10
   MicrosoftWindows
MozillaFirefox Version1.5.0.11
   MicrosoftWindows
MozillaFirefox Version1.5.1
   MicrosoftWindows
MozillaFirefox Version1.5.2
   MicrosoftWindows
MozillaFirefox Version1.5.3
   MicrosoftWindows
MozillaFirefox Version1.5.4
   MicrosoftWindows
MozillaFirefox Version1.5.5
   MicrosoftWindows
MozillaFirefox Version1.5.6
   MicrosoftWindows
MozillaFirefox Version1.5.7
   MicrosoftWindows
MozillaFirefox Version1.5.8
   MicrosoftWindows
MozillaFirefox Version2.0
   MicrosoftWindows
MozillaFirefox Version2.0 Updatebeta1
   MicrosoftWindows
MozillaFirefox Version2.0 Updaterc2
   MicrosoftWindows
MozillaFirefox Version2.0 Updaterc3
   MicrosoftWindows
MozillaFirefox Version2.0.0.1
   MicrosoftWindows
MozillaFirefox Version2.0.0.2
   MicrosoftWindows
MozillaFirefox Version2.0.0.3
   MicrosoftWindows
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.88% 0.825
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.