Lucene search
Billy RiosEDB-ID:30645HistoryOct 05, 2007 - 12:00 a.m.
Microsoft Windows - URI Handler Command Execution
2007-10-0500:00:00
Billy Rios
www.exploit-db.com
15
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/25945/info
Microsoft Windows XP and Server 2003 with Internet Explorer 7 is prone to a command-execution vulnerability because it fails to properly sanitize input.
Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of users that follow malicious URIs.
Known attack vectors include following URIs in these applications:
- Mozilla Firefox in versions prior to 2.0.0.6
- Skype in versions prior to 3.5.0.239
- Adobe Acrobat Reader 8.1
- Miranda 0.7
- Netscape 7.1
- mIRC.
NOTE: Attackers can exploit the issue in BID 25543 (Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability) as an attack vector for this issue.
The following proof-of-concept URI demonstrates this vulnerability:
http:%xx../../../../../../../../../../../windows/system32/calc.exe".bat
mailto:test% ../../../../windows/system32/calc.exe".cmdRelated
canvas
canvas
Immunity Canvas: IE7WMP
2007-10-10 20:17:00
Immunity Canvas: IEPDF
2007-10-10 20:17:00
saint
saint
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
symantec
symantec
Microsoft Windows URI Handler Command Execution Vulnerability
2007-10-05 00:00:00
checkpoint_advisories
checkpoint_advisories
nessus
nessus
securityvulns
securityvulns
seebug
seebug
Microsoft Windows URIε€ηε¨ε½δ»€ζ³¨ε
₯ζΌζ΄οΌMS07-061οΌ
2007-11-15 00:00:00
cert
cert
Microsoft Windows URI protocol handling vulnerability
2007-07-27 00:00:00
cvelist
cvelist
CVE-2007-3896
2007-10-11 00:00:00
cve
cve
CVE-2007-3896
2007-10-11 00:17:00
openvas
openvas
nvd
nvd
CVE-2007-3896
2007-10-11 00:17:00
prion
prion
Design/Logic Flaw
2007-10-11 00:17:00