CVE-2007-3896

EPSS 82%
Published 11.10.2007 00:17:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe Reader, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related issues in the applications that are invoked by the handlers.

Affected products Warnungen 0 Metrics 2 CWE 1 References 43

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version7.0

   Microsoft ≫ Windows 2003 Server Editionitanium
   Microsoft ≫ Windows 2003 Server Editionx64
   Microsoft ≫ Windows 2003 Server Updatesp1
   Microsoft ≫ Windows 2003 Server Updatesp2
   Microsoft ≫ Windows 2003 Server Updatesp2 Editionitanium
   Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64
   Microsoft ≫ Windows Xp Editionx64
   Microsoft ≫ Windows Xp Updatesp2
   Microsoft ≫ Windows Xp Updatesp2 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	82%	0.992

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://xs-sniper.com/blog/remote-command-exec-firefox-2005/

http://blogs.zdnet.com/security/?p=577

http://marc.info/?l=bugtraq&m=119143780202107&w=2

http://marc.info/?l=bugtraq&m=119144449915918&w=2

http://marc.info/?l=bugtraq&m=119159924712561&w=2

http://marc.info/?l=bugtraq&m=119168062128026&w=2

http://marc.info/?l=bugtraq&m=119194714125580&w=2

http://marc.info/?l=bugtraq&m=119195904813505&w=2

http://marc.info/?l=full-disclosure&m=119159477404263&w=2

http://marc.info/?l=full-disclosure&m=119168727402084&w=2

http://marc.info/?l=full-disclosure&m=119170531020020&w=2

http://marc.info/?l=full-disclosure&m=119171444628628&w=2