HTTP: Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (.vcf)

This signature detects attempts to exploit a known vulnerability in Microsoft Windows. The issue exists in the interaction between ShellExecute and the IE7 URLMon component when handling malformed URLs. A successful attack allows the attacker to execute arbitrary commands on the client system within the security context of the logged-in user. The behavior of the target depends entirely on the intended function of the executed command.

Extended Description

Microsoft Windows XP and Server 2003 with Internet Explorer 7 are prone to a command-execution vulnerability because they fail to properly sanitize input. Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of users who follow malicious URIs. Known attack vectors include following URIs in these applications:

- Mozilla Firefox in versions prior to 2.0.0.6
- Skype in versions prior to 3.5.0.239
- Adobe Acrobat Reader 8.1
- Miranda 0.7
- Netscape 7.1
- mIRC

NOTE: Attackers can exploit the issue in BID 25543 (Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability) as an attack vector for this issue.

Affected Products

Avaya messaging_application_server

Nortel_networks centrex_ip_client_manager

References

BugTraq: 25945

CVE: CVE-2007-3896

Short Name
HTTP:STC:DL:VCF-SHELLEXECUTE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(.vcf) CVE-2007-3896 Code Execution Handling IE7 Microsoft ShellExecute URL Windows and bid:25945
Release Date
10/13/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3339
False Positive
Unknown
Vendors

Nortel_networks

Avaya

CVSS Score

9.3
