CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.2%
Added: 10/19/2007
CVE: CVE-2007-3896
BID: 25945
OSVDB: 41090
The **shell32.dll**
library provides functions which handle interaction between Internet Explorer and the Windows shell.
The version of the **shell32.dll**
library installed with Internet Explorer 7 does not properly validate malformed URIs containing a percent character (**%**
). This allows command execution when a user follows a specially crafted link in other applications, such as Firefox.
Follow the recommendations in Microsoft Security Advisory 943521 and install a fix when available.
<http://www.kb.cert.org/vuls/id/403150>
<http://archives.neohapsis.com/archives/bugtraq/2007-10/0070.html>
Exploit works on Microsoft Internet Explorer 7.0.5730.13 through Firefox 2.0.0.4.
The SAINTexploit host must be able to bind to port 69/UDP.
Exploit requires the PERL threads module to be installed on the SAINTexploit host.
Windows XP