Cross-browser Scripting Vulnerability in Microsoft Internet Explorer Affecting Firefox
CVE-2007-3670

Currently unrated

Key Information:

Vendor

Microsoft
Status
Internet Explorer
Firefox
Vendor
CVE Published:
10 July 2007

What is CVE-2007-3670?

An argument injection vulnerability exists in Microsoft Internet Explorer that can be exploited when running Firefox on the same system and with certain URIs registered. This flaw enables remote attackers to perform cross-browser scripting attacks, allowing the execution of arbitrary commands via maliciously crafted FirefoxURL or FirefoxHTML URIs. The underlying issue stems from Internet Explorer's improper handling of URL arguments during the invocation of Firefox, raising questions about protocol handler validation. Mozilla has committed to implementing a defense-in-depth solution to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2007/2473
vdb-entryx_refsource_VUPEN
http://www.ubuntu.com/usn/usn-503-1
vendor-advisoryx_refsource_UBUNTU
http://www.securitytracker.com/id?1018360
vdb-entryx_refsource_SECTRACK

EPSS Score

49% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.