Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 0.9.2 (including) |
Mozilla | Mozilla | * | 1.7.1 (including) |
Thunderbird | Mozilla | * | 0.7.2 (including) |