Argument Injection Vulnerability in Mozilla Firefox Affects Mail Client Integration
CVE-2006-2057

Currently unrated

Key Information:

Vendor

Microsoft
Status
Outlook
Avant Browser
Ie
Firefox
Vendor
CVE Published:
26 April 2006

What is CVE-2006-2057?

An argument injection vulnerability exists in Mozilla Firefox 1.0.6 that allows user-assisted remote attackers to manipulate command line arguments passed to the mail client. This is achieved by exploiting the mailto: scheme handler through the use of double quote (" ) characters, which can lead to the execution of the mail client, such as Microsoft Outlook, with arbitrary filenames attached. The precise nature of this issue may depend on the implementation specifics or the underlying behavior of the Microsoft API.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2006/1538
vdb-entryx_refsource_VUPEN
http://ingehenriksen.blogspot.com/2006/04/office-2003-fil...
x_refsource_MISC
http://www.securityfocus.com/archive/1/432009/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.