Lucene search
MitreCVELIST:CVE-2007-0478HistoryJan 25, 2007 - 12:00 a.m.
CVE-2007-0478
2007-01-2500:00:00
mitre
www.cve.org
6
WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment.
References
docs.info.apple.com/article.html?artnum=306172
lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
osvdb.org/32712
secunia.com/advisories/23893
secunia.com/advisories/26235
securitytracker.com/id?1018494
www.beanfuzz.com/wordpress/?p=99
www.securityfocus.com/archive/1/457763/100/0/threaded
www.securityfocus.com/bid/25159
www.vupen.com/english/advisories/2007/2732
exchange.xforce.ibmcloud.com/vulnerabilities/31846
Related
prion
prion
Cross site scripting
2007-01-25 00:28:00
Cross site scripting
2007-01-29 16:28:00
nvd
nvd
CVE-2007-0478
2007-01-25 00:28:00
CVE-2007-0537
2007-01-29 16:28:00
cve
cve
CVE-2007-0478
2007-01-25 00:28:00
CVE-2007-0537
2007-01-29 16:28:00
openvas
openvas
Mandriva Update for kdelibs MDKSA-2007:031 (kdelibs)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200703-10 (kdelibs)
2008-09-24 00:00:00
Mandriva Update for kdelibs MDKSA-2007:031 (kdelibs)
2009-04-09 00:00:00
nessus
nessus
GLSA-200703-10 : KHTML: XSS (XSS) vulnerability
2007-03-12 00:00:00
Mandrake Linux Security Advisory : kdelibs (MDKSA-2007:157)
2009-04-23 00:00:00
Mandrake Linux Security Advisory : kdelibs (MDKSA-2007:031)
2007-02-18 00:00:00
cvelist
cvelist
CVE-2007-0537
2007-01-29 16:00:00
securityvulns
securityvulns
Apple Safari / Konqueror SCRIPT tag filtering bypass
2007-01-24 00:00:00
gentoo
gentoo
KHTML: Cross-site scripting (XSS) vulnerability
2007-03-10 00:00:00
ubuntucve
ubuntucve
CVE-2007-0537
2007-01-29 00:00:00
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00