CVE - CVE-2007-3670

CVE-ID
CVE-2007-3670	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE's opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a "defense in depth" fix that will "prevent IE from sending Firefox malicious data."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:24837 URL:http://www.securityfocus.com/bid/24837 BUGTRAQ:20070710 Internet Explorer 0day exploit URL:http://www.securityfocus.com/archive/1/473276/100/0/threaded CERT:TA07-199A URL:http://www.us-cert.gov/cas/techalerts/TA07-199A.html CERT-VN:VU#358017 URL:http://www.kb.cert.org/vuls/id/358017 CONFIRM:ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt CONFIRM:http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html CONFIRM:http://www.mozilla.org/security/announce/2007/mfsa2007-23.html CONFIRM:http://www.mozilla.org/security/announce/2007/mfsa2007-40.html FULLDISC:20070710 Internet Explorer 0day exploit URL:http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html HP:HPSBUX02153 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HP:HPSBUX02156 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 HP:SSRT061181 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HP:SSRT061236 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 IDEFENSE:20070719 Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=565 MANDRIVA:MDKSA-2007:152 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:152~~ (Obsolete source) MISC:http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/ MISC:http://larholm.com/2007/07/10/internet-explorer-0day-exploit/ MISC:http://msinfluentials.com/blogs/jesper/archive/2007/07/10/blocking-the-firefox-gt-ie-0-day.aspx MISC:http://www.theregister.co.uk/2007/07/11/ie_firefox_vuln/ MISC:http://www.virusbtn.com/news/virus_news/2007/07_11.xml MISC:http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html OSVDB:38017 URL:~~http://osvdb.org/38017~~ (Obsolete source) SECTRACK:1018351 URL:http://www.securitytracker.com/id?1018351 SECTRACK:1018360 URL:http://www.securitytracker.com/id?1018360 SECUNIA:25984 URL:http://secunia.com/advisories/25984 SECUNIA:26096 URL:http://secunia.com/advisories/26096 SECUNIA:26149 URL:http://secunia.com/advisories/26149 SECUNIA:26204 URL:http://secunia.com/advisories/26204 SECUNIA:26216 URL:http://secunia.com/advisories/26216 SECUNIA:26258 URL:http://secunia.com/advisories/26258 SECUNIA:26271 URL:http://secunia.com/advisories/26271 SECUNIA:26572 URL:http://secunia.com/advisories/26572 SECUNIA:28179 URL:http://secunia.com/advisories/28179 SECUNIA:28363 URL:http://secunia.com/advisories/28363 SUSE:SUSE-SA:2007:049 URL:http://www.novell.com/linux/security/advisories/2007_49_mozilla.html UBUNTU:USN-503-1 URL:http://www.ubuntu.com/usn/usn-503-1 VUPEN:ADV-2007-2473 URL:~~http://www.vupen.com/english/advisories/2007/2473~~ (Obsolete source) VUPEN:ADV-2007-2565 URL:~~http://www.vupen.com/english/advisories/2007/2565~~ (Obsolete source) VUPEN:ADV-2007-4272 URL:~~http://www.vupen.com/english/advisories/2007/4272~~ (Obsolete source) VUPEN:ADV-2008-0082 URL:~~http://www.vupen.com/english/advisories/2008/0082~~ (Obsolete source) XF:ie-firefoxurl-command-execution(35346) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/35346
Assigning CNA
MITRE Corporation
Date Record Created
20070710	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070710)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)