Unrated severityNVD Advisory· Published Jun 11, 2007· Updated Apr 23, 2026

CVE-2007-3150

Description

Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, which is displayed in the "results stored on your computer" portion of the search results, and when clicked invokes Google Desktop to execute this file.

Affected products

Google/Desktop
cpe:2.3:a:google:desktop:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ha.ckers.org/google-desktop-0day/nvdExploit
ha.ckers.org/blog/20070531/google-desktop-0day/nvd
osvdb.org/40566nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000