National Vulnerability Database

CVE-2007-3670 Detail

Current Description

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE's opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a "defense in depth" fix that will "prevent IE from sending Firefox malicious data."

Source: MITRE
Last Modified: 07/10/2007

Quick Info

CVE Dictionary Entry: CVE-2007-3670
Original release date: 07/10/2007
Last revised: 07/28/2017
Source: US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 MEDIUM
Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 8.6

CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized modification

Evaluator Impact

Successful exploit requires that Mozilla Firefox is installed.

References to Advisories, Solutions, and Tools

Hyperlink | Resource Type | Source | Name
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt | External Source | CONFIRM | ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html | External Source | FULLDISC | 20070710 Internet Explorer 0day exploit
http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/ | External Source | MISC | http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 | External Source | HP | SSRT061181
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 | External Source | HP | SSRT061236
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=565 | External Source | IDEFENSE | 20070719 Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability
http://larholm.com/2007/07/10/internet-explorer-0day-exploit/ | External Source | MISC | http://larholm.com/2007/07/10/internet-explorer-0day-exploit/
http://msinfluentials.com/blogs/jesper/archive/2007/07/10/blocking-the-firefox-gt-ie-0-day.aspx | External Source | MISC | http://msinfluentials.com/blogs/jesper/archive/2007/07/10/blocking-the-firefox-gt-ie-0-day.aspx
http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html | External Source | CONFIRM | http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
http://www.kb.cert.org/vuls/id/358017 | US Government Resource, External Source | CERT-VN | VU#358017
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152 | External Source | MANDRIVA | MDKSA-2007:152
http://www.mozilla.org/security/announce/2007/mfsa2007-23.html | External Source | CONFIRM | http://www.mozilla.org/security/announce/2007/mfsa2007-23.html
http://www.mozilla.org/security/announce/2007/mfsa2007-40.html | External Source | CONFIRM | http://www.mozilla.org/security/announce/2007/mfsa2007-40.html
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html | External Source | SUSE | SUSE-SA:2007:049
http://www.securityfocus.com/archive/1/archive/1/473276/100/0/threaded | External Source | BUGTRAQ | 20070710 Internet Explorer 0day exploit
http://www.securityfocus.com/bid/24837 | External Source | BID | 24837
http://www.securitytracker.com/id?1018351 | External Source | SECTRACK | 1018351
http://www.securitytracker.com/id?1018360 | External Source | SECTRACK | 1018360
http://www.theregister.co.uk/2007/07/11/ie_firefox_vuln/ | External Source | MISC | http://www.theregister.co.uk/2007/07/11/ie_firefox_vuln/
http://www.ubuntu.com/usn/usn-503-1 | External Source | UBUNTU | USN-503-1
http://www.us-cert.gov/cas/techalerts/TA07-199A.html | US Government Resource, External Source | CERT | TA07-199A
http://www.virusbtn.com/news/virus_news/2007/07_11.xml | External Source | MISC | http://www.virusbtn.com/news/virus_news/2007/07_11.xml
http://www.vupen.com/english/advisories/2007/2473 | External Source | VUPEN | ADV-2007-2473
http://www.vupen.com/english/advisories/2007/2565 | External Source | VUPEN | ADV-2007-2565
http://www.vupen.com/english/advisories/2007/4272 | External Source | VUPEN | ADV-2007-4272
http://www.vupen.com/english/advisories/2008/0082 | External Source | VUPEN | ADV-2008-0082
http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html | External Source | MISC | http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/35346 | External Source | XF | ie-firefoxurl-command-execution(35346)

Technical Details

Vulnerability Type

  • Cross-Site Scripting (XSS) (CWE-79)

Change History: 2 change records found