CVE-2007-3833
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-3833
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the "aim: &c:\" substring and contains a full pathname in the ini field. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Trillian aim:// URI处理器 批量文件写入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Trillian是一个聊天程序,和多种即时通讯程序使用相同的接口,包括AIM、ICQ、Yahoo! Messenger、MSN Messenger和IRC。 Trillian的aim:// URI处理器在将某些部分的aim:// URI写入到ini=参数所指定的文件之前没有执行正确的验证,如果用户受骗跟随了特制的aim:// URI的话就可能导致向Windows的"开始"文件夹写入批处理文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-3833
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-3833
Please Login to view more intelligence information
- http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.htmlx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2007-3833
Same Patch Batch · n/a · 2007-07-17 · 39 CVEs total
| CVE-2007-3808 | paFileDB Search.PHP SQL注入漏洞 | |
| CVE-2007-3820 | Opera及Konqueror浏览器data: URI主题地址栏欺骗漏洞 | |
| CVE-2007-3821 | Citadel WebCit 多个输入验证漏洞 | |
| CVE-2007-3822 | Citadel WebCit 多个输入验证漏洞 | |
| CVE-2007-3823 | IPSwitch WS_FT PLogsrv.exe拒绝服务漏洞 | |
| CVE-2007-3824 | MzK Blog katgoster.asp SQL注入漏洞 | |
| CVE-2007-3017 | ActiveWeb Contentserver CMS Client Side 过滤绕过漏洞 | |
| CVE-2007-3018 | activeWeb contentserver 许可绕过错误 | |
| CVE-2007-3806 | PHP Glob()函数远程拒绝服务漏洞 | |
| CVE-2007-3807 | SiteScape Forum 多个未明跨站脚本攻击漏洞 | |
| CVE-2007-3819 | Opera Web Browser Address Bar URI欺骗漏洞 | |
| CVE-2007-3809 | Prozilla Directory Script cat_id参数 SQL注入漏洞 | |
| CVE-2007-3810 | Realtor index.php SQL注入漏洞 | |
| CVE-2007-3811 | eSyndiCat Link Directory 多个SQL注入漏洞 | |
| CVE-2007-3812 | CMScout Forums.PHP SQL注入漏洞 | |
| CVE-2007-3813 | MKPortal NoBoard BETA 文件漏洞 | |
| CVE-2007-3814 | MKPortal 多个SQL注入漏洞 | |
| CVE-2007-3815 | Poslovni informator Republike Slovenije (PIRS) pirs32.exe 缓冲区溢出 | |
| CVE-2007-3816 | RETIRED: Anders Mller JWIG Template 远程拒绝服务漏洞 | |
| CVE-2007-3842 | 8e6 R3000 Enterprise Filter 跨站脚本漏洞 |
Showing top 20 of 39 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2007-3833
No comments yet