CVE-2007-3670
Microsoft Internet Explorer and Mozilla Firefox - URI Handler Command Injection
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE's opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a "defense in depth" fix that will "prevent IE from sending Firefox malicious data."
Una vulnerabilidad de inyección de argumentos en Microsoft Internet Explorer, cuando es ejecutado en sistemas con Firefox instalado y ciertos URIs registrados, permiten a atacantes remotos conducir ataques de tipo cross-browser scripting y ejecutar comandos arbitrarios por medio de metacaracteres de shell en un URI (1) FirefoxURL o (2) FirefoxHTML, que son insertadas en la línea de comandos que son creadas cuando se invoca el archivo firefox.exe. NOTA: se ha debatido si el problema está en Internet Explorer o Firefox. A partir de 20070711, la opinión de este CVE es que IE parece estar fallando en la delimitación apropiada del argumento de la URL al invocar a Firefox, y este problema podría surgir también con otros manejadores de protocolos en IE. Sin embargo, Mozilla ha declarado que abordará el problema con una "defense in depth" que "prevent IE from sending Firefox malicious data."
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-07-10 CVE Reserved
- 2007-07-10 CVE Published
- 2007-07-10 First Exploit
- 2024-08-07 CVE Updated
- 2024-10-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (40)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/30285 | 2007-07-10 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 | 2021-07-23 | |
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 | 2021-07-23 | |
http://secunia.com/advisories/25984 | 2021-07-23 | |
http://secunia.com/advisories/26096 | 2021-07-23 | |
http://secunia.com/advisories/26149 | 2021-07-23 | |
http://secunia.com/advisories/26204 | 2021-07-23 | |
http://secunia.com/advisories/26216 | 2021-07-23 | |
http://secunia.com/advisories/26258 | 2021-07-23 | |
http://secunia.com/advisories/26271 | 2021-07-23 | |
http://secunia.com/advisories/26572 | 2021-07-23 | |
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152 | 2021-07-23 | |
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html | 2021-07-23 | |
http://www.ubuntu.com/usn/usn-503-1 | 2021-07-23 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 7.0 Search vendor "Microsoft" for product "Internet Explorer" and version "7.0" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 7.0 Search vendor "Microsoft" for product "Internet Explorer" and version "7.0" | beta1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 7.0 Search vendor "Microsoft" for product "Internet Explorer" and version "7.0" | beta2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 7.0 Search vendor "Microsoft" for product "Internet Explorer" and version "7.0" | beta3 |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | * | - |
Affected
|