CVE-2007-4042

Name of the Vulnerable Software and Affected Versions: Netscape Navigator version 9

Description: The issue allows remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in various URI handlers, including mailto, nntp, news, snews, or telnet URI.

Recommendations: For Netscape Navigator version 9, consider avoiding the use of the vulnerable URI handlers until a fix is available. As a temporary workaround, restrict the handling of mailto, nntp, news, snews, and telnet URIs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.