CVE-2007-4040

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook and Outlook Express (affected versions not specified)

Description: The issue involves an argument injection vulnerability. When certain URIs are registered, remote attackers can conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI. These metacharacters are inserted into the command line when invoking the handling process.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.