Vulnerabilidad en Microsoft Internet Explorer (CVE-2007-3670)
Gravedad CVSS v2.0:
MEDIA
Tipo:
CWE-79
Neutralización incorrecta de la entrada durante la generación de la página web (Cross-site Scripting)
Fecha de publicación:
10/07/2007
Última modificación:
09/04/2025
Descripción
Una vulnerabilidad de inyección de argumentos en Microsoft Internet Explorer, cuando es ejecutado en sistemas con Firefox instalado y ciertos URIs registrados, permiten a atacantes remotos conducir ataques de tipo cross-browser scripting y ejecutar comandos arbitrarios por medio de metacaracteres de shell en un URI (1) FirefoxURL o (2) FirefoxHTML, que son insertadas en la línea de comandos que son creadas cuando se invoca el archivo firefox.exe. NOTA: se ha debatido si el problema está en Internet Explorer o Firefox. A partir de 20070711, la opinión de este CVE es que IE parece estar fallando en la delimitación apropiada del argumento de la URL al invocar a Firefox, y este problema podría surgir también con otros manejadores de protocolos en IE. Sin embargo, Mozilla ha declarado que abordará el problema con una "defense in depth" que "prevent IE from sending Firefox malicious data."
Impacto
Puntuación base 2.0
4.30
Gravedad 2.0
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html
- http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=565
- http://larholm.com/2007/07/10/internet-explorer-0day-exploit/
- http://msinfluentials.com/blogs/jesper/archive/2007/07/10/blocking-the-firefox-gt-ie-0-day.aspx
- http://osvdb.org/38017
- http://secunia.com/advisories/25984
- http://secunia.com/advisories/26096
- http://secunia.com/advisories/26149
- http://secunia.com/advisories/26204
- http://secunia.com/advisories/26216
- http://secunia.com/advisories/26258
- http://secunia.com/advisories/26271
- http://secunia.com/advisories/26572
- http://secunia.com/advisories/28179
- http://secunia.com/advisories/28363
- http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
- http://www.kb.cert.org/vuls/id/358017
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A152
- http://www.mozilla.org/security/announce/2007/mfsa2007-23.html
- http://www.mozilla.org/security/announce/2007/mfsa2007-40.html
- http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
- http://www.securityfocus.com/archive/1/473276/100/0/threaded
- http://www.securityfocus.com/bid/24837
- http://www.securitytracker.com/id?1018351=
- http://www.securitytracker.com/id?1018360=
- http://www.theregister.co.uk/2007/07/11/ie_firefox_vuln/
- http://www.ubuntu.com/usn/usn-503-1
- http://www.us-cert.gov/cas/techalerts/TA07-199A.html
- http://www.virusbtn.com/news/virus_news/2007/07_11.xml
- http://www.vupen.com/english/advisories/2007/2473
- http://www.vupen.com/english/advisories/2007/2565
- http://www.vupen.com/english/advisories/2007/4272
- http://www.vupen.com/english/advisories/2008/0082
- http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35346
- ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html
- http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows/
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=565
- http://larholm.com/2007/07/10/internet-explorer-0day-exploit/
- http://msinfluentials.com/blogs/jesper/archive/2007/07/10/blocking-the-firefox-gt-ie-0-day.aspx
- http://osvdb.org/38017
- http://secunia.com/advisories/25984
- http://secunia.com/advisories/26096
- http://secunia.com/advisories/26149
- http://secunia.com/advisories/26204
- http://secunia.com/advisories/26216
- http://secunia.com/advisories/26258
- http://secunia.com/advisories/26271
- http://secunia.com/advisories/26572
- http://secunia.com/advisories/28179
- http://secunia.com/advisories/28363
- http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html
- http://www.kb.cert.org/vuls/id/358017
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A152
- http://www.mozilla.org/security/announce/2007/mfsa2007-23.html
- http://www.mozilla.org/security/announce/2007/mfsa2007-40.html
- http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
- http://www.securityfocus.com/archive/1/473276/100/0/threaded
- http://www.securityfocus.com/bid/24837
- http://www.securitytracker.com/id?1018351=
- http://www.securitytracker.com/id?1018360=
- http://www.theregister.co.uk/2007/07/11/ie_firefox_vuln/
- http://www.ubuntu.com/usn/usn-503-1
- http://www.us-cert.gov/cas/techalerts/TA07-199A.html
- http://www.virusbtn.com/news/virus_news/2007/07_11.xml
- http://www.vupen.com/english/advisories/2007/2473
- http://www.vupen.com/english/advisories/2007/2565
- http://www.vupen.com/english/advisories/2007/4272
- http://www.vupen.com/english/advisories/2008/0082
- http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35346