Lucene search

PRIOn knowledge basePRION:CVE-2007-2400

HistoryJun 25, 2007 - 7:30 p.m.

Race condition

2007-06-2519:30:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON

Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects.

CPENameOperatorVersion
iphone_osle1.0
safarieq3.0 windows
safarieq3.0.1 windows

Name	Operator	Version
iphone_os	le	1.0
safari	eq	3.0 windows
safari	eq	3.0.1 windows

References

docs.info.apple.com/article.html?artnum=306173

lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html

osvdb.org/36452

secunia.com/advisories/26287

www.kb.cert.org/vuls/id/289988

www.securityfocus.com/bid/24599

www.securitytracker.com/id?1018282

www.vupen.com/english/advisories/2007/2316

www.vupen.com/english/advisories/2007/2731