CVE-2007-3186

Apple Safari Beta 3.0.1 - Remote Code Execution via Gopher URI in IFRAME SRC


Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3186. PoCs published by Thor Larholm.

AI-analyzed exploit summary: This exploit leverages a protocol handler command-injection vulnerability in Apple Safari for Windows via an IFRAME element. It uses Mozilla XPCOM components to execute arbitrary commands, specifically launching 'cmd.exe' on the target system.

Description

Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.

Exploits (1)

Exploit-DB (working PoC, verified)
by Thor Larholm · html · remote · windows
https://www.exploit-db.com/exploits/30176


Classification: Working PoC (90% confidence)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Apple Safari for Windows (versions prior to Beta 3.0.1)
Authentication: none required
Prerequisites: Victim must be using a vulnerable version of Safari for Windows; victim must visit a malicious webpage or have the exploit delivered via another vector
Analyzed by devstral-2 on Feb 16, 2026

References (10)

Core References
Third Party Advisory, VDB Entry (mailing list, bugtraq): http://www.securityfocus.com/archive/1/471176/100/0/threaded
Third Party Advisory, VDB Entry (VDB entry, OSVDB): http://osvdb.org/38542
Third Party Advisory, VDB Entry (VDB entry, X-Force): https://exchange.xforce.ibmcloud.com/vulnerabilities/34824
Third Party Advisory (VDB entry, VUPEN): http://www.vupen.com/english/advisories/2007/2192
Third Party Advisory, VDB Entry (VDB entry, BID): http://www.securityfocus.com/bid/24434
Mailing List (Full Disclosure): http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063926.html
Third Party Advisory, VDB Entry (VDB entry, SecurityTracker): http://www.securitytracker.com/id?1018224
Various Sources (misc): http://larholm.com/2007/06/14/safari-301-released/
Mailing List (vendor advisory, Apple): http://lists.apple.com/archives/security-announce/2007/Jun/msg00000.html

Scores

EPSS: 0.0493
EPSS Percentile: 91.0%

Details

CWE: CWE-264
Status: published
Products (8)
apple/safari
apple/safari 2.0
apple/safari 2.0.1
apple/safari 2.0.2
apple/safari 2.0.3
apple/safari 2.0.4
apple/safari 3.0
apple/safari 3.0.1
Published: Jun 12, 2007
Tracked Since: Feb 18, 2026