Lucene search

MitreCVE-2007-3274

HistoryJun 19, 2007 - 9:30 p.m.

CVE-2007-3274

2007-06-1921:30:00

CWE-399

mitre

web.nvd.nist.gov

apple safari

windows xp

denial of service

javascript

cve-2007-3274

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.004

Percentile

73.3%

JSON

Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (application crash) via JavaScript that sets the document.location variable, as demonstrated by an empty value of document.location.

Affected configurations

Nvd

Node

microsoftwindows_xpsp2

AND

applesafariMatch3.0

applesafariMatch3.0.1

VendorProductVersionCPE
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
applesafari3.0cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
applesafari3.0.1cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
apple	safari	3.0	cpe:2.3:a:apple:safari:3.0:::::::*
apple	safari	3.0.1	cpe:2.3:a:apple:safari:3.0.1:::::::*

References

osvdb.org/38863

securityreason.com/securityalert/2810

www.securityfocus.com/archive/1/471542/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/34912

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.004

Percentile

73.3%

JSON

Related for CVE-2007-3274