CVE-2007-4041
CVE-2007-4041 is a medium-severity vulnerability in Microsoft Internet Explorer with a CVSS 2.0 base score of 6.8. Its EPSS exploit-prediction score of 20% places it in the 97th percentile, indicating an elevated likelihood of exploitation. The underlying weakness is classified as CWE-78.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.8)
- EPSS exploit prediction: 20% (97th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-78
- Affected product: Microsoft Internet Explorer
- Published:
- Last modified:
Description
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
Frequently asked questions
- What is CVE-2007-4041?
- Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
- How severe is CVE-2007-4041?
- CVE-2007-4041 has a CVSS 2.0 base score of 6.8, rated medium severity.
- Is CVE-2007-4041 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 20% (97th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2007-4041?
- CVE-2007-4041 primarily affects Microsoft Internet Explorer. In total, 3 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2007-4041?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2007-4041 published?
- CVE-2007-4041 was published on 2007-07-27 and last updated on 2026-06-16.
References
- http://www.kb.cert.org/vuls/id/783400
- http://www.securityfocus.com/bid/25053
- http://xs-sniper.com/blog/2007/07/24/remote-command-execution-in-firefox-2005/
- http://xs-sniper.com/blog/remote-command-exec-firefox-2005/
- https://bugzilla.mozilla.org/show_bug.cgi?id=389106
- https://bugzilla.mozilla.org/show_bug.cgi?id=389580
Affected products (3)
- cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
More vulnerabilities in Microsoft Internet Explorer
- CVE-2014-1764 — Critical (CVSS 10.0): Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox…
- CVE-2014-1763 — Critical (CVSS 10.0): Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary…
- CVE-2010-1118 — Critical (CVSS 10.0): Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary…
- CVE-2009-1918 — Critical (CVSS 10.0): Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and…
- CVE-2009-1043 — Critical (CVSS 10.0): Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary…
- CVE-2007-3341 — Critical (CVSS 10.0): Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a…
All CVEs affecting Microsoft Internet Explorer →
Other CWE-78 (OS Command Injection) vulnerabilities
- CVE-2026-56004 — Critical (CVSS 10.0): A shellcode injection in the mercurial handler of the obs tar_scm source service before version 0.12.4 could be used by…
- CVE-2026-56415 — Critical (CVSS 10.0): Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is…
- CVE-2026-56413 — Critical (CVSS 10.0): Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens…
- CVE-2026-49869 — Critical (CVSS 10.0): Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in…
- CVE-2026-49261 — Critical (CVSS 10.0): MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through…
- CVE-2026-10520 — Critical (CVSS 10.0): An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a…