Microsoft Windows URI Handler Command Execution Vulnerability

Microsoft Windows URI Handler Command Execution Vulnerability

References:

Bug 389580 â?? some schemes with %00 launch unexpected handlers on windows (Mozilla)
Internet Explorer Homepage (Microsoft)
Microsoft Windows Homepage (Microsoft )
ShellExecuteFiasco â?? third-party patch for CVE-2007-3896 (KJK::Hyperion)
Skype also affected by supposed "Firefox vulnerability" (Heise Security)
URI problem also affects Acrobat Reader and Netscape (Heise Security)
Re[2]: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Thierry Zoller )
URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Juergen Schmidt )
2007008457, Rev 1 Nortel Response to Microsoft Security Bulletin MS07-061 (Nortel Networks)
ASA-2007-471 - MS07-061 Vulnerability in Windows URI Handling Could Allow Remote (Avaya)
Microsoft Security Advisory (943521) URL Handling Vulnerability in Windows XP an (Microsoft)
Microsoft Security Bulletin MS07-061 (Microsoft)
Microsoft Security Bulletin MS07-061 Version 1.1 (Microsoft)
Technical Cyber Security Alert TA07-317A: Microsoft Updates for Multiple Vulnera (US-CERT)
Vulnerability Note VU#403150 (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus