Lucene search

[email protected]CVE-2007-3376

HistoryJun 25, 2007 - 8:30 p.m.

CVE-2007-3376

2007-06-2520:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3376

buffer overflow

apple safari

windows xp

denial of service

remote attack

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.1%

JSON

Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark.

Affected configurations

NVD

Node

microsoftwindows_xpsp2

AND

applesafariMatch3.0.2

CPENameOperatorVersion
apple:safariapple safarieq3.0.2

CPE	Name	Operator	Version
apple:safari	apple safari	eq	3.0.2

References

marc.info/?l=full-disclosure&m=118278848816602&w=2

osvdb.org/40882

www.securityfocus.com/archive/1/472209

www.securityfocus.com/bid/24619

www.vupen.com/english/advisories/2007/2340

exchange.xforce.ibmcloud.com/vulnerabilities/35030

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.1%

JSON

Related for CVE-2007-3376

prion1 cvelist1 nvd1