What is CVE-2007-3670?

CVE-2007-3670 is a vulnerability in N/a. Published 2007-07-10.

Is CVE-2007-3670 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-3670

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands…

EPSS: 0.501 (97.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

ADV-2007-2473 (vdb-entry, x_refsource_VUPEN)
USN-503-1 (x_refsource_UBUNTU, vendor-advisory)
1018360 (vdb-entry, x_refsource_SECTRACK)
1018351 (vdb-entry, x_refsource_SECTRACK)
HPSBUX02156 (x_refsource_HP, vendor-advisory)
blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on… (x_refsource_MISC)
HPSBUX02153 (x_refsource_HP, vendor-advisory)
MDKSA-2007:152 (vendor-advisory, x_refsource_MANDRIVA)
25984 (x_refsource_SECUNIA, third-party-advisory)
ie-firefoxurl-command-execution(35346) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2007-3670?: CVE-2007-3670 is a vulnerability in N/a. Published 2007-07-10.
Is CVE-2007-3670 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.