8 matches found
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061) - Ver2 (CVE-2007-3896)
Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Windows Internet Explorer 7. The vulnerability occurs when Windows does not correctly handle specially crafted URLs or URIs that are passed to it. There are a...
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061; CVE-2007-3896)
Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Windows Internet Explorer 7. The vulnerability occurs when Windows does not correctly handle specially crafted URLs or URIs that are passed to it. There are a...
Windows IE7 URI Handler command execution through Firefox
Added: 10/19/2007 CVE: CVE-2007-3896 BID: 25945 OSVDB: 41090 Background The shell32.dll library provides functions which handle interaction between Internet Explorer and the Windows shell. Problem The version of the shell32.dll library installed with Internet Explorer 7 does not properly validate...
Windows IE7 URI Handler command execution through Firefox
Added: 10/19/2007 CVE: CVE-2007-3896 BID: 25945 OSVDB: 41090 Background The shell32.dll library provides functions which handle interaction between Internet Explorer and the Windows shell. Problem The version of the shell32.dll library installed with Internet Explorer 7 does not properly validate...
Windows IE7 URI Handler command execution through Firefox
Added: 10/19/2007 CVE: CVE-2007-3896 BID: 25945 OSVDB: 41090 Background The shell32.dll library provides functions which handle interaction between Internet Explorer and the Windows shell. Problem The version of the shell32.dll library installed with Internet Explorer 7 does not properly validate...
CVE-2007-3896
CVE-2007-3896 affects Windows Shell32 (Windows XP/Server 2003 with IE7) where URL handling in the shell misparses invalid % sequences in mailto: or other URI handlers, allowing remote code execution. The issue can be triggered by launching external programs via URI handlers invoked by application...
Immunity Canvas: IEPDF
Name| iepdf ---|--- CVE| CVE-2007-3896 Exploit Pack| CANVAS Description| Microsoft IE 7 url-handling error MS07-061 Notes| CVE Name: CVE-2007-3896 VENDOR: Microsoft MSADV: MS07-061 Repeatability: Infinite client side - no crash MSRC: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3896...
Immunity Canvas: IE7WMP
Name| ie7wmp ---|--- CVE| CVE-2007-3896 Exploit Pack| CANVAS Description| Microsoft IE 7 url-handling error MS07-061 Notes| CVE Name: CVE-2007-3896 VENDOR: Microsoft MSADV: MS07-061 Repeatability: Infinite client side - no crash MSRC: http://www.microsoft.com/technet/security/bulletin/MS07-061.ms...