CVE-2007-4038

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 2.0.0.5

Description: The issue allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI. This occurs when Mozilla Firefox is running on systems with Thunderbird 1.5 installed and certain URIs are registered. The vulnerability enables the insertion of shell metacharacters into the command line that invokes Thunderbird.exe.

Recommendations: For Mozilla Firefox versions prior to 2.0.0.5, update to version 2.0.0.5 or later to resolve the issue.