Lucene search

[email protected]NVD:CVE-2008-1999

HistoryApr 28, 2008 - 8:05 p.m.

CVE-2008-1999

2008-04-2820:05:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

Apple Safari 3.1.1 allows remote attackers to spoof the address bar by placing many “invisible” characters in the userinfo subcomponent of the authority component of the URL (aka the user field), as demonstrated by %E3%80%80 sequences.

Affected configurations

NVD

Node

applesafariMatch3.1.1

References

es.geocities.com/jplopezy/pruebasafari3.html

secunia.com/advisories/29900

securityreason.com/securityalert/3833

www.securityfocus.com/archive/1/491192/100/0/threaded

www.vupen.com/english/advisories/2008/1347

exchange.xforce.ibmcloud.com/vulnerabilities/41981

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

Related for NVD:CVE-2008-1999

cvelist1 cve1 checkpoint_advisories1 prion1