Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:90E849B0AD301FA73501AA39A4EA05E5
HistoryOct 19, 2007 - 12:00 a.m.

Windows IE7 URI Handler command execution through Firefox

2007-10-1900:00:00
SAINT Corporation
www.saintcorporation.com
12

0.957 High

EPSS

Percentile

99.3%

JSON

Added: 10/19/2007
CVE: CVE-2007-3896
BID: 25945
OSVDB: 41090

Background

The **shell32.dll** library provides functions which handle interaction between Internet Explorer and the Windows shell.

Problem

The version of the **shell32.dll** library installed with Internet Explorer 7 does not properly validate malformed URIs containing a percent character (**%**). This allows command execution when a user follows a specially crafted link in other applications, such as Firefox.

Resolution

Follow the recommendations in Microsoft Security Advisory 943521 and install a fix when available.

References

<http://www.kb.cert.org/vuls/id/403150&gt;
<http://archives.neohapsis.com/archives/bugtraq/2007-10/0070.html&gt;

Limitations

Exploit works on Microsoft Internet Explorer 7.0.5730.13 through Firefox 2.0.0.4.

The SAINTexploit host must be able to bind to port 69/UDP.

Exploit requires the PERL threads module to be installed on the SAINTexploit host.

Platforms

Windows XP

Related

saint 3
securityvulns 2
canvas 2
seebug 1
cert 1
symantec 1
checkpoint_advisories 2
nessus 1
prion 1
cvelist 1
openvas 1
cve 1
saint
saint
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS07-061 – Critical Vulnerability in Windows URI Handling Could Allow Remote Code Execution &#40;943460&#41;
2007-11-14 00:00:00
Microsoft Windows URL code execution
2007-11-14 00:00:00
canvas
canvas
Immunity Canvas: IEPDF
2007-10-10 20:17:00
Immunity Canvas: IE7WMP
2007-10-10 20:17:00
seebug
seebug
Microsoft Windows URI倄理器命什注ε…₯漏洞(MS07-061οΌ‰
2007-11-15 00:00:00
cert
cert
Microsoft Windows URI protocol handling vulnerability
2007-07-27 00:00:00
symantec
symantec
Microsoft Windows URI Handler Command Execution Vulnerability
2007-10-05 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061) - Ver2 (CVE-2007-3896)
2014-04-16 00:00:00
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061; CVE-2007-3896)
2007-10-31 00:00:00
nessus
nessus
MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)
2007-11-13 00:00:00
prion
prion
Design/Logic Flaw
2007-10-11 00:17:00
cvelist
cvelist
CVE-2007-3896
2007-10-11 00:00:00
openvas
openvas
Adobe Reader URI Handler Remote Code Execution Vulnerabilities (Oct 2007) - Windows
2014-04-10 00:00:00
cve
cve
CVE-2007-3896
2007-10-11 00:17:00

0.957 High

EPSS

Percentile

99.3%

JSON
Related for SAINT:90E849B0AD301FA73501AA39A4EA05E5
saint3securityvulns2canvas2seebug1cert1symantec1checkpoint_advisories2nessus1prion1cvelist1openvas1cve1