Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-3896 — Improper Input Validation in Microsoft Internet Explorer

CWE-20 — Improper Input Validation4 documents4 sources

Severity

9.3CRITICALNVD

EPSS

83.5%

top 0.72%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Internet Explorer

Timeline

PublishedOct 11

Latest updateMay 1

Description

The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe Reader, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related…

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer7.0

🔴Vulnerability Details

GHSA

GHSA-wmhg-7fm8-r4vp: The URL handling in Shell32↗2022-05-01

▶

VulnCheck

Microsoft Windows Improper Input Validation↗2007

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows - URI Handler Command Execution↗2007-10-05

▶