Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability

Bugtraq ID: 24837
Class: Input Validation Error
CVE: CVE-2007-3670
CVE-2007-4038
Remote: Yes
Local: No
Published: Jul 10 2007 12:00AM
Updated: Mar 19 2015 08:22AM
Credit: Thor Larholm reported this issue for Internet Explorer. Greg Macanus reported this issue for Mozilla Firefox. Nathan McFeters discovered that 'navigatorurl' is also affected. Billy Rios is also credited with the discovery of this issue.
Vulnerable: Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
SuSE SUSE Linux Enterprise Server 8
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise Server 10
SuSE Suse Linux Enterprise Desktop 10 SP1
SuSE Suse Linux Enterprise Desktop 10
SuSE Linux Desktop 10
Slackware Linux 12.0
Slackware Linux 11.0
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
Netscape Navigator 9.0
Mozilla Thunderbird 2.0 .4
Mozilla Thunderbird 1.5 beta 2
Mozilla Thunderbird 1.5 .9
Mozilla Thunderbird 1.5 .13
Mozilla Thunderbird 1.5
Mozilla Thunderbird 1.5.0.8
Mozilla Thunderbird 1.5.0.7
Mozilla Thunderbird 1.5.0.5
Mozilla Thunderbird 1.5.0.4
Mozilla Thunderbird 1.5.0.2
Mozilla Thunderbird 1.5.0.12
Mozilla Thunderbird 1.5.0.10
Mozilla Thunderbird 1.5.0.1
Mozilla SeaMonkey 1.1.3
Mozilla SeaMonkey 1.1.2
Mozilla SeaMonkey 1.1.1
Mozilla SeaMonkey 1.1 beta
Mozilla Firefox 2.0 .4
Mozilla Firefox 2.0 .3
Mozilla Firefox 2.0 .1
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0 RC3
Mozilla Firefox 2.0 RC2
Mozilla Firefox 2.0 beta 1
Mozilla Firefox 2.0
Mozilla Camino 1.0.3
Mozilla Camino 1.0.2
Mozilla Camino 1.0.1
Mozilla Camino 0.8.4
Mozilla Camino 0.8.3
Mozilla Camino 0.8
Mozilla Camino 0.7 .0
Mozilla Camino 1.5
Mozilla Camino 1.0
Microsoft Internet Explorer 7.0 beta3
Microsoft Internet Explorer 7.0 beta2
Microsoft Internet Explorer 7.0 beta1
Microsoft Internet Explorer 7.0
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
Google Chrome 0.2.149 .30
Google Chrome 0.2.149 .29
Google Chrome 0.2.149 .27
Google Chrome 1.0.154.46
Google Chrome 1.0.154.36
Not Vulnerable: Mozilla Thunderbird 2.0 .5
Mozilla Thunderbird 1.5.0.14
Mozilla SeaMonkey 1.1.4
Mozilla Firefox 2.0 .5
Mozilla Camino 1.5.1
Google Chrome 1.0.154.48


 

Copyright 2010, SecurityFocus