Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:26A16184C5AB3F6DEF1ABD8F71E4AD07
HistoryOct 19, 2007 - 12:00 a.m.

Windows IE7 URI Handler command execution through Firefox

2007-10-1900:00:00
SAINT Corporation
download.saintcorporation.com
11

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.943

Percentile

99.2%

JSON

Added: 10/19/2007
CVE: CVE-2007-3896
BID: 25945
OSVDB: 41090

Background

The **shell32.dll** library provides functions which handle interaction between Internet Explorer and the Windows shell.

Problem

The version of the **shell32.dll** library installed with Internet Explorer 7 does not properly validate malformed URIs containing a percent character (**%**). This allows command execution when a user follows a specially crafted link in other applications, such as Firefox.

Resolution

Follow the recommendations in Microsoft Security Advisory 943521 and install a fix when available.

References

<http://www.kb.cert.org/vuls/id/403150&gt;
<http://archives.neohapsis.com/archives/bugtraq/2007-10/0070.html&gt;

Limitations

Exploit works on Microsoft Internet Explorer 7.0.5730.13 through Firefox 2.0.0.4.

The SAINTexploit host must be able to bind to port 69/UDP.

Exploit requires the PERL threads module to be installed on the SAINTexploit host.

Platforms

Windows XP

Related

canvas 2
symantec 1
checkpoint_advisories 2
nessus 1
seebug 1
cert 1
securityvulns 2
saint 3
cvelist 1
openvas 1
nvd 1
cve 1
prion 1
canvas
canvas
Immunity Canvas: IE7WMP
2007-10-10 20:17:00
Immunity Canvas: IEPDF
2007-10-10 20:17:00
symantec
symantec
Microsoft Windows URI Handler Command Execution Vulnerability
2007-10-05 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061) - Ver2 (CVE-2007-3896)
2014-04-16 00:00:00
Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061; CVE-2007-3896)
2007-10-31 00:00:00
nessus
nessus
MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)
2007-11-13 00:00:00
seebug
seebug
Microsoft Windows URI倄理器命什注ε…₯漏洞(MS07-061οΌ‰
2007-11-15 00:00:00
cert
cert
Microsoft Windows URI protocol handling vulnerability
2007-07-27 00:00:00
securityvulns
securityvulns
Microsoft Windows URL code execution
2007-11-14 00:00:00
Microsoft Security Bulletin MS07-061 – Critical Vulnerability in Windows URI Handling Could Allow Remote Code Execution &#40;943460&#41;
2007-11-14 00:00:00
saint
saint
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
Windows IE7 URI Handler command execution through Firefox
2007-10-19 00:00:00
cvelist
cvelist
CVE-2007-3896
2007-10-11 00:00:00
openvas
openvas
Adobe Reader URI Handler Remote Code Execution Vulnerabilities (Oct 2007) - Windows
2014-04-10 00:00:00
nvd
nvd
CVE-2007-3896
2007-10-11 00:17:00
cve
cve
CVE-2007-3896
2007-10-11 00:17:00
prion
prion
Design/Logic Flaw
2007-10-11 00:17:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.943

Percentile

99.2%

JSON
Related for SAINT:26A16184C5AB3F6DEF1ABD8F71E4AD07
canvas2symantec1checkpoint_advisories2nessus1seebug1cert1securityvulns2saint3cvelist1openvas1nvd1cve1prion1