CVE-2007-4431
N/A
N/A
Summary
Cross-domain vulnerability in Apple Safari for Windows 3.0.3 and earlier allows remote attackers to bypass the Same Origin Policy, with access from local zones to external domains, via a certain body.innerHTML property value, aka "classic JavaScript frame hijacking."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://sla.ckers.org/forum/read.php?3%2C14151
- http://www.thespanner.co.uk/2007/08/17/safari-beta-zero-day/
- http://osvdb.org/46720
- http://www.0x000000.com/index.php?i=420
- http://www.securityfocus.com/bid/25355
References
- http://sla.ckers.org/forum/read.php?3%2C14151
- http://www.thespanner.co.uk/2007/08/17/safari-beta-zero-day/
- http://osvdb.org/46720
- http://www.0x000000.com/index.php?i=420
- http://www.securityfocus.com/bid/25355
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.