Published: 20/06/2007 Updated: 09/10/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Mozilla Firefox prior to 2.0.0.5, when run on Windows, allows remote malicious users to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 0.10.1
mozilla firefox 1.0.1
mozilla firefox 1.0.3
mozilla firefox 1.5.0.1
mozilla firefox 1.5.0.11
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.8
mozilla firefox 1.5.6
mozilla firefox 1.5.8
mozilla firefox 2.0
mozilla firefox 1.0.5
mozilla firefox 1.0.6
mozilla firefox 1.0.7
mozilla firefox 1.0.8
mozilla firefox 1.5.1
mozilla firefox 1.5.2
mozilla firefox 1.5.3
mozilla firefox 1.5.4
mozilla firefox 0.9
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9.3
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.5
mozilla firefox 2.0.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.3
mozilla firefox 0.10
mozilla firefox 0.8
mozilla firefox 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.4
mozilla firefox 1.5
mozilla firefox 1.5.0.10
mozilla firefox 1.5.0.7
mozilla firefox 1.5.0.9
mozilla firefox 1.5.5
mozilla firefox 1.5.7
mozilla firefox

Various flaws were discovered in the layout and JavaScript engines By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user’s privileges (CVE-2007-3734, CVE-2007-3735) ...

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3089 Ronen Zilberman and Michal Zalewski discovered that a timing race allows the injection of content into about:blank frames CVE-2007-3 ...

Mozilla Foundation Security Advisory 2007-22 File type confusion due to %00 in name Announced July 17, 2007 Reporter Ronald van den Heetkamp Impact Low Products Firefox, SeaMonkey Fixed in ...

Mozilla Firefox versions 100 and below local null byte bypass file check execution exploit ...

CWE-264 http://www.0x000000.com/?i=333 http://www.securityfocus.com/bid/24447 https://bugzilla.mozilla.org/show_bug.cgi?id=383478 http://www.mozilla.org/security/announce/2007/mfsa2007-22.html ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:152 http://www.novell.com/linux/security/advisories/2007_49_mozilla.html http://www.ubuntu.com/usn/usn-490-1 http://www.securitytracker.com/id?1018413 http://secunia.com/advisories/26149 http://secunia.com/advisories/26072 http://secunia.com/advisories/26216 http://secunia.com/advisories/26204 http://secunia.com/advisories/26271 http://secunia.com/advisories/26258 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1 http://secunia.com/advisories/28135 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1 http://osvdb.org/38032 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://www.vupen.com/english/advisories/2007/4256 https://usn.ubuntu.com/490-1/https://nvd.nist.gov

CVE-2007-3285

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect