Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-2400
HistoryJun 25, 2007 - 7:30 p.m.

CVE-2007-2400

2007-06-2519:30:00
CWE-362
CWE-79
[email protected]
web.nvd.nist.gov
29
cve-2007-2400
race condition
apple safari 3
javascript security
xss attacks
page updating
http redirects

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.3 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects.

Affected configurations

NVD
Node
appleiphone_osRange1.0
AND
applemac_os_x
OR
microsoftwindows_vista
OR
microsoftwindows_xp
AND
applesafariMatch3.0windows
OR
applesafariMatch3.0.1windows

Related

cvelist 1
cert 1
nvd 1
prion 1
seebug 1
cvelist
cvelist
CVE-2007-2400
2007-06-25 19:00:00
cert
cert
Apple Safari cross-domain HTTP redirection race condition
2007-06-25 00:00:00
nvd
nvd
CVE-2007-2400
2007-06-25 19:30:00
prion
prion
Race condition
2007-06-25 19:30:00
seebug
seebug
Apple iPhone多个安全漏洞
2007-08-02 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.3 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON
Related for CVE-2007-2400
cvelist1cert1nvd1prion1seebug1