Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process, a similar issue to CVE-2007-3670.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-07-27T22:00:00Z

Updated: 2024-09-17T04:04:51.906Z

Reserved: 2007-07-27T00:00:00Z

Link: CVE-2007-4040

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-07-27T22:30:00.000

Modified: 2024-11-21T00:34:38.767

Link: CVE-2007-4040

cve-icon Redhat

No data.