Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-489
Vulnerability from certfr_avis
Une vulnérabilité liée à la gestion des URI dans Windows permet l'exécution de commandes arbitraires à distance.
Description
Une vulnérabilité liée à la gestion des URI (Uniform Resource Identifier) dans Windows permet l'exécution de commandes arbitraires à distance. La présence d'Internet Explorer 7 (IE7) est nécessaire pour l'exploitation de cette vulnérabilité.
Celle-ci a fait l'objet de l'alerte CERTA-2007-ALE-015 publiée par le CERTA le 10 octobre 2007. Microsoft avait par ailleurs signalé le problème dans l'avis de sécurité 943521 le 11 octobre.
Solution
Se référer au bulletin de sécurité MS07-061 de Microsoft pour l'obtention des correctifs (cf. section Documentation).
- Windows XP Service Pack 2 ;
- Windows XP Professional x64 Edition ;
- Windows XP Professional x64 Edition Service Pack 2 ;
- Windows Server 2003 Service Pack 1 ;
- Windows Server 2003 Service Pack 2 ;
- Windows Server 2003 x64 Edition ;
- Windows Server 2003 x64 Edition Service Pack 2 ;
- Windows Server 2003 avec SP1 et SP2 pour systèmes Itanium.
Microsoft Windows 2000 Service Pack 4 et Microsoft Vista ne sont pas affectés.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cUL\u003e \u003cLI\u003eWindows XP Service Pack 2 ;\u003c/LI\u003e \u003cLI\u003eWindows XP Professional x64 Edition ;\u003c/LI\u003e \u003cLI\u003eWindows XP Professional x64 Edition Service Pack 2 ;\u003c/LI\u003e \u003cLI\u003eWindows Server 2003 Service Pack 1 ;\u003c/LI\u003e \u003cLI\u003eWindows Server 2003 Service Pack 2 ;\u003c/LI\u003e \u003cLI\u003eWindows Server 2003 x64 Edition ;\u003c/LI\u003e \u003cLI\u003eWindows Server 2003 x64 Edition Service Pack 2 ;\u003c/LI\u003e \u003cLI\u003eWindows Server 2003 avec SP1 et SP2 pour syst\u00e8mes Itanium.\u003c/LI\u003e \u003c/UL\u003e \u003cP\u003eMicrosoft Windows 2000 Service Pack 4 et Microsoft Vista ne sont pas affect\u00e9s.\u003c/P\u003e",
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 li\u00e9e \u00e0 la gestion des URI (Uniform Resource\nIdentifier) dans Windows permet l\u0027ex\u00e9cution de commandes arbitraires \u00e0\ndistance. La pr\u00e9sence d\u0027Internet Explorer 7 (IE7) est n\u00e9cessaire pour\nl\u0027exploitation de cette vuln\u00e9rabilit\u00e9.\n\nCelle-ci a fait l\u0027objet de l\u0027alerte CERTA-2007-ALE-015 publi\u00e9e par le\nCERTA le 10 octobre 2007. Microsoft avait par ailleurs signal\u00e9 le\nprobl\u00e8me dans l\u0027avis de s\u00e9curit\u00e9 943521 le 11 octobre.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS07-061 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-3896"
}
],
"initial_release_date": "2007-11-14T00:00:00",
"last_revision_date": "2007-11-14T00:00:00",
"links": [
{
"title": "Alerte CERTA-2007-ALE-015 du 10 octobre 2007, \u00ab Vuln\u00e9rabilit\u00e9 dans le traitement des URI sous Windows \u00bb :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ALE-015/"
}
],
"reference": "CERTA-2007-AVI-489",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 li\u00e9e \u00e0 la gestion des URI dans Windows permet\nl\u0027ex\u00e9cution de commandes arbitraires \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans le traitement des URI sous Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS07-061 du 13 novembre 2007",
"url": "http://www.microsoft.com/technet/security/Bulletin/MS07-061.mspx"
}
]
}
CVE-2007-3896 (GCVE-0-2007-3896)
Vulnerability from cvelistv5
Published
2007-10-11 00:00
Modified
2024-08-07 14:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe Reader, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related issues in the applications that are invoked by the handlers.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:04.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20071017 Re: Third-party patch for CVE-2007-3896, UPDATE NOW",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482437/100/0/threaded"
},
{
"name": "20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119159477404263\u0026w=2"
},
{
"name": "20071009 RE: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481871/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.heise-security.co.uk/news/96982"
},
{
"name": "20071006 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481680/100/0/threaded"
},
{
"name": "20071006 Re[2]: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481664/100/0/threaded"
},
{
"name": "20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119159924712561\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=577"
},
{
"name": "20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481867/100/0/threaded"
},
{
"name": "HPSBST02291",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
},
{
"name": "26201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26201"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119168062128026\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119171444628628\u0026w=2"
},
{
"name": "SSRT071498",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:4581",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4581"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/"
},
{
"name": "20071007 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119175323322021\u0026w=2"
},
{
"name": "20071007 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481846/100/0/threaded"
},
{
"name": "1018831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018831"
},
{
"name": "20071009 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119194714125580\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119168727402084\u0026w=2"
},
{
"name": "20071007 Re: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481881/100/0/threaded"
},
{
"name": "20071006 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481671/100/0/threaded"
},
{
"name": "20071007 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481839/100/0/threaded"
},
{
"name": "TA07-317A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-317A.html"
},
{
"name": "20071007 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119180333805950\u0026w=2"
},
{
"name": "943521",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://www.microsoft.com/technet/security/advisory/943521.mspx"
},
{
"name": "20071004 Re[2]: 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481493/100/100/threaded"
},
{
"name": "20071005 RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481624/100/0/threaded"
},
{
"name": "MS07-061",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-061"
},
{
"name": "25945",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25945"
},
{
"name": "20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481887/100/0/threaded"
},
{
"name": "20071014 Third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling) available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482292/100/0/threaded"
},
{
"name": "VU#403150",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/403150"
},
{
"name": "20071011 M$ will fix URI?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482090/100/0/threaded"
},
{
"name": "20071003 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119143780202107\u0026w=2"
},
{
"name": "20071004 Re: 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481505/100/0/threaded"
},
{
"name": "20071007 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119195904813505\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119170531020020\u0026w=2"
},
{
"name": "20071003 Re: 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119144449915918\u0026w=2"
},
{
"name": "1018822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018822"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid \"%\" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe Reader, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related issues in the applications that are invoked by the handlers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "20071017 Re: Third-party patch for CVE-2007-3896, UPDATE NOW",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482437/100/0/threaded"
},
{
"name": "20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119159477404263\u0026w=2"
},
{
"name": "20071009 RE: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481871/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.heise-security.co.uk/news/96982"
},
{
"name": "20071006 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481680/100/0/threaded"
},
{
"name": "20071006 Re[2]: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481664/100/0/threaded"
},
{
"name": "20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119159924712561\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=577"
},
{
"name": "20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481867/100/0/threaded"
},
{
"name": "HPSBST02291",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
},
{
"name": "26201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26201"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119168062128026\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119171444628628\u0026w=2"
},
{
"name": "SSRT071498",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:4581",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4581"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/"
},
{
"name": "20071007 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119175323322021\u0026w=2"
},
{
"name": "20071007 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481846/100/0/threaded"
},
{
"name": "1018831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018831"
},
{
"name": "20071009 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119194714125580\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119168727402084\u0026w=2"
},
{
"name": "20071007 Re: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481881/100/0/threaded"
},
{
"name": "20071006 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481671/100/0/threaded"
},
{
"name": "20071007 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481839/100/0/threaded"
},
{
"name": "TA07-317A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-317A.html"
},
{
"name": "20071007 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119180333805950\u0026w=2"
},
{
"name": "943521",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://www.microsoft.com/technet/security/advisory/943521.mspx"
},
{
"name": "20071004 Re[2]: 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481493/100/100/threaded"
},
{
"name": "20071005 RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481624/100/0/threaded"
},
{
"name": "MS07-061",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-061"
},
{
"name": "25945",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25945"
},
{
"name": "20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481887/100/0/threaded"
},
{
"name": "20071014 Third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling) available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482292/100/0/threaded"
},
{
"name": "VU#403150",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/403150"
},
{
"name": "20071011 M$ will fix URI?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482090/100/0/threaded"
},
{
"name": "20071003 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119143780202107\u0026w=2"
},
{
"name": "20071004 Re: 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481505/100/0/threaded"
},
{
"name": "20071007 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119195904813505\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=119170531020020\u0026w=2"
},
{
"name": "20071003 Re: 0day: mIRC pwns Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=119144449915918\u0026w=2"
},
{
"name": "1018822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018822"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-3896",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid \"%\" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe Reader, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related issues in the applications that are invoked by the handlers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071017 Re: Third-party patch for CVE-2007-3896, UPDATE NOW",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482437/100/0/threaded"
},
{
"name": "20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=119159477404263\u0026w=2"
},
{
"name": "20071009 RE: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481871/100/0/threaded"
},
{
"name": "http://www.heise-security.co.uk/news/96982",
"refsource": "MISC",
"url": "http://www.heise-security.co.uk/news/96982"
},
{
"name": "20071006 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481680/100/0/threaded"
},
{
"name": "20071006 Re[2]: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481664/100/0/threaded"
},
{
"name": "20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=119159924712561\u0026w=2"
},
{
"name": "http://blogs.zdnet.com/security/?p=577",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=577"
},
{
"name": "20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481867/100/0/threaded"
},
{
"name": "HPSBST02291",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
},
{
"name": "26201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26201"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=119168062128026\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=119171444628628\u0026w=2"
},
{
"name": "SSRT071498",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:4581",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4581"
},
{
"name": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/"
},
{
"name": "20071007 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=119175323322021\u0026w=2"
},
{
"name": "20071007 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481846/100/0/threaded"
},
{
"name": "1018831",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018831"
},
{
"name": "20071009 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=119194714125580\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=119168727402084\u0026w=2"
},
{
"name": "20071007 Re: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481881/100/0/threaded"
},
{
"name": "20071006 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481671/100/0/threaded"
},
{
"name": "20071007 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481839/100/0/threaded"
},
{
"name": "TA07-317A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-317A.html"
},
{
"name": "20071007 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=119180333805950\u0026w=2"
},
{
"name": "943521",
"refsource": "MSKB",
"url": "http://www.microsoft.com/technet/security/advisory/943521.mspx"
},
{
"name": "20071004 Re[2]: 0day: mIRC pwns Windows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481493/100/100/threaded"
},
{
"name": "20071005 RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481624/100/0/threaded"
},
{
"name": "MS07-061",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-061"
},
{
"name": "25945",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25945"
},
{
"name": "20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481887/100/0/threaded"
},
{
"name": "20071014 Third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling) available",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482292/100/0/threaded"
},
{
"name": "VU#403150",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/403150"
},
{
"name": "20071011 M$ will fix URI?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482090/100/0/threaded"
},
{
"name": "20071003 0day: mIRC pwns Windows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=119143780202107\u0026w=2"
},
{
"name": "20071004 Re: 0day: mIRC pwns Windows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481505/100/0/threaded"
},
{
"name": "20071007 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=119195904813505\u0026w=2"
},
{
"name": "20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=119170531020020\u0026w=2"
},
{
"name": "20071003 Re: 0day: mIRC pwns Windows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=119144449915918\u0026w=2"
},
{
"name": "1018822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018822"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2007-3896",
"datePublished": "2007-10-11T00:00:00",
"dateReserved": "2007-07-19T00:00:00",
"dateUpdated": "2024-08-07T14:37:04.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…