Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2007-3670

Disclosure Date: July 10, 2007
CVE-2007-3670
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE’s opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a “defense in depth” fix that will “prevent IE from sending Firefox malicious data.”

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • microsoft,
  • mozilla

Products

  • firefox,
  • internet explorer 6,
  • internet explorer 7.0

References

Canonical
CVE-2007-3670 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3670)
BID-24837 (http://www.securityfocus.com/bid/24837)
Advisory
ADV-2007-2473 (http://www.vupen.com/english/advisories/2007/2473)
USN-503-1 (http://www.ubuntu.com/usn/usn-503-1)
SECTRACK-1018360 (http://www.securitytracker.com/id?1018360)
SECTRACK-1018351 (http://www.securitytracker.com/id?1018351)
HPSBUX02156 (http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579)
HPSBUX02153 (http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
SECUNIA-25984 (http://secunia.com/advisories/25984)
XF-ie-firefoxurl-command-execution(35346) (https://exchange.xforce.ibmcloud.com/vulnerabilities/35346)
TA07-199A (http://www.us-cert.gov/cas/techalerts/TA07-199A.html)
SECUNIA-28179 (http://secunia.com/advisories/28179)
SECUNIA-26216 (http://secunia.com/advisories/26216)
ADV-2007-2565 (http://www.vupen.com/english/advisories/2007/2565)
http://www.mozilla.org/security/announce/2007/mfsa2007-40.html
SECUNIA-26149 (http://secunia.com/advisories/26149)
ADV-2008-0082 (http://www.vupen.com/english/advisories/2008/0082)
OSVDB-38017 (http://osvdb.org/38017)
http://www.mozilla.org/security/announce/2007/mfsa2007-23.html
VU#358017 (http://www.kb.cert.org/vuls/id/358017)
ADV-2007-4272 (http://www.vupen.com/english/advisories/2007/4272)
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
20070710 Internet Explorer 0day exploit (http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html)
http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
SECUNIA-26258 (http://secunia.com/advisories/26258)
SECUNIA-28363 (http://secunia.com/advisories/28363)
20070710 Internet Explorer 0day exploit (http://www.securityfocus.com/archive/1/473276/100/0/threaded)
SECUNIA-26271 (http://secunia.com/advisories/26271)
SECUNIA-26204 (http://secunia.com/advisories/26204)
SECUNIA-26572 (http://secunia.com/advisories/26572)
SECUNIA-26096 (http://secunia.com/advisories/26096)
Miscellaneous
http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows
http://msinfluentials.com/blogs/jesper/archive/2007/07/10/blocking-the-firefox-gt-ie-0-day.aspx
http://www.virusbtn.com/news/virus_news/2007/07_11.xml
http://www.theregister.co.uk/2007/07/11/ie_firefox_vuln
20070719 Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability (http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=565)
http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html
http://larholm.com/2007/07/10/internet-explorer-0day-exploit

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis