Lucene search

[email protected]CVE-2007-3514

HistoryJul 03, 2007 - 10:30 a.m.

CVE-2007-3514

2007-07-0310:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3514

cross-domain vulnerability

apple safari

windows

same origin policy

javascript

nvd

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.6%

JSON

Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute to a file:// location, a different vector than CVE-2007-3482.

Affected configurations

NVD

Node

applesafariMatch3.0.2windows

CPENameOperatorVersion
apple:safariapple safarieq3.0.2

CPE	Name	Operator	Version
apple:safari	apple safari	eq	3.0.2

References

osvdb.org/38861

www.0x000000.com/?i=371

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:P/A:N

5.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.6%

JSON

Related for CVE-2007-3514

cvelist2 prion2 nvd2 vmware1 cve1