CVE-2007-3670

Microsoft Internet Explorer - XSS

Description

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE's opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a "defense in depth" fix that will "prevent IE from sending Firefox malicious data."

Exploits (1)

exploitdb WORKING POC VERIFIED
by Thor Larholm · text · remote · linux
https://www.exploit-db.com/exploits/30285

References (39)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35346
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2473
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-503-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018360
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018351
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25984
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-199A.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28179
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24837
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26216
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=565
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2565
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26149
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0082
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38017
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/358017
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/4272
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26258
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28363
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/473276/100/0/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26271
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26204
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26572
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26096

Scores

EPSS 0.5012
EPSS Percentile 97.8%

Details

CWE
CWE-79
Status published
Products (3)
microsoft/internet_explorer 6 (2 CPE variants)
microsoft/internet_explorer 7.0 (4 CPE variants)
mozilla/firefox
Published Jul 10, 2007
Tracked Since Feb 18, 2026