Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe.

NOTE: it has been debated whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE’s opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a “defense in depth” fix that will “prevent IE from sending Firefox malicious data.”
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html
blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
labs.idefense.com/intelligence/vulnerabilities/display.php?id=565
larholm.com/2007/07/10/internet-explorer-0day-exploit/
msinfluentials.com/blogs/jesper/archive/2007/07/10/blocking-the-firefox-gt-ie-0-day.aspx
osvdb.org/38017
secunia.com/advisories/25984
secunia.com/advisories/26096
secunia.com/advisories/26149
secunia.com/advisories/26204
secunia.com/advisories/26216
secunia.com/advisories/26258
secunia.com/advisories/26271
secunia.com/advisories/26572
secunia.com/advisories/28179
secunia.com/advisories/28363
support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
www.kb.cert.org/vuls/id/358017
www.mandriva.com/security/advisories?name=MDKSA-2007:152
www.mozilla.org/security/announce/2007/mfsa2007-23.html
www.mozilla.org/security/announce/2007/mfsa2007-40.html
www.novell.com/linux/security/advisories/2007_49_mozilla.html
www.securityfocus.com/archive/1/473276/100/0/threaded
www.securityfocus.com/bid/24837
www.securitytracker.com/id?1018351
www.securitytracker.com/id?1018360
www.theregister.co.uk/2007/07/11/ie_firefox_vuln/
www.ubuntu.com/usn/usn-503-1
www.us-cert.gov/cas/techalerts/TA07-199A.html
www.virusbtn.com/news/virus_news/2007/07_11.xml
www.vupen.com/english/advisories/2007/2473
www.vupen.com/english/advisories/2007/2565
www.vupen.com/english/advisories/2007/4272
www.vupen.com/english/advisories/2008/0082
www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html
exchange.xforce.ibmcloud.com/vulnerabilities/35346