CVE-2007-2400
N/A
N/A
Summary
Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://osvdb.org/36452
- http://www.vupen.com/english/advisories/2007/2316
- http://docs.info.apple.com/article.html?artnum=306173
- http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html
- http://www.securitytracker.com/id?1018282
- http://www.securityfocus.com/bid/24599
- http://secunia.com/advisories/26287
- http://www.kb.cert.org/vuls/id/289988
- http://www.vupen.com/english/advisories/2007/2731
References
- http://osvdb.org/36452
- http://www.vupen.com/english/advisories/2007/2316
- http://docs.info.apple.com/article.html?artnum=306173
- http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html
- http://www.securitytracker.com/id?1018282
- http://www.securityfocus.com/bid/24599
- http://secunia.com/advisories/26287
- http://www.kb.cert.org/vuls/id/289988
- http://www.vupen.com/english/advisories/2007/2731
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.