Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:172BE0E94AB1DC2AE1B9A7E76A98B0D7
HistoryOct 19, 2007 - 12:00 a.m.

Windows IE7 URI Handler command execution through Firefox

2007-10-1900:00:00
SAINT Corporation
my.saintcorporation.com
12

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.961 High

EPSS

Percentile

99.5%

JSON

Added: 10/19/2007
CVE: CVE-2007-3896
BID: 25945
OSVDB: 41090

Background

The **shell32.dll** library provides functions which handle interaction between Internet Explorer and the Windows shell.

Problem

The version of the **shell32.dll** library installed with Internet Explorer 7 does not properly validate malformed URIs containing a percent character (**%**). This allows command execution when a user follows a specially crafted link in other applications, such as Firefox.

Resolution

Follow the recommendations in Microsoft Security Advisory 943521 and install a fix when available.

References

<http://www.kb.cert.org/vuls/id/403150&gt;
<http://archives.neohapsis.com/archives/bugtraq/2007-10/0070.html&gt;

Limitations

Exploit works on Microsoft Internet Explorer 7.0.5730.13 through Firefox 2.0.0.4.

The SAINTexploit host must be able to bind to port 69/UDP.

Exploit requires the PERL threads module to be installed on the SAINTexploit host.

Platforms

Windows XP

Related

symantec 1
canvas 2
saint 3
securityvulns 2
seebug 1
cert 1
checkpoint_advisories 2
nessus 1
cvelist 1
prion 1
cve 1
openvas 1
symantec
symantec
Microsoft Windows URI Handler Command Execution Vulnerability
2007-10-05 00:00:00
canvas
canvas
Immunity Canvas: IE7WMP
2007-10-10 20:17:00
Immunity Canvas: IEPDF
2007-10-10 20:17:00
saint
saint
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
securityvulns
securityvulns
Microsoft Windows URL code execution
2007-11-14 00:00:00
Microsoft Security Bulletin MS07-061 – Critical Vulnerability in Windows URI Handling Could Allow Remote Code Execution &#40;943460&#41;
2007-11-14 00:00:00
seebug
seebug
Microsoft Windows URI倄理器命什注ε…₯漏洞(MS07-061οΌ‰
2007-11-15 00:00:00
cert
cert
Microsoft Windows URI protocol handling vulnerability
2007-07-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061; CVE-2007-3896)
2007-10-31 00:00:00
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061) - Ver2 (CVE-2007-3896)
2014-04-16 00:00:00
nessus
nessus
MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)
2007-11-13 00:00:00
cvelist
cvelist
CVE-2007-3896
2007-10-11 00:00:00
prion
prion
Design/Logic Flaw
2007-10-11 00:17:00
cve
cve
CVE-2007-3896
2007-10-11 00:17:00
openvas
openvas
Adobe Reader URI Handler Remote Code Execution Vulnerabilities (Oct 2007) - Windows
2014-04-10 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.961 High

EPSS

Percentile

99.5%

JSON
Related for SAINT:172BE0E94AB1DC2AE1B9A7E76A98B0D7
symantec1canvas2saint3securityvulns2seebug1cert1checkpoint_advisories2nessus1cvelist1prion1cve1openvas1