CVE-2007-3924 - Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netsca

CVE-2007-3924

Summary

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navigatorurl URI, which are inserted into the command line that is created when invoking netscape.exe, a related issue to CVE-2007-3670. NOTE: there has been debate about whether the issue is in Internet Explorer or Netscape. As of 20070713, it is CVE's opinion that IE appears to not properly delimit the URL argument when invoking Netscape; this issue could arise with other protocol handlers in IE.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:9.0:beta2:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:9.0:beta2:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 23-07-2021 - 15:12)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

misc	http://sla.ckers.org/forum/read.php?3,13732,13739
secunia	26082

Last major update

23-07-2021 - 15:12

Published

21-07-2007 - 00:30

Last modified

23-07-2021 - 15:12