7.1

CVE-2007-2398

EPSS 1.56%
Veröffentlicht 21.06.2007 10:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Safari Version3.0.1 Editionwindows

Microsoft ≫ Windows 2003 Server Versionsp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.56%	0.808

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:C/A:N

http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0311.html

http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html

http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html

http://osvdb.org/38862

http://support.apple.com/kb/HT1467

http://www.securityfocus.com/archive/1/471452/100/0/threaded

http://www.securityfocus.com/archive/1/471454/100/0/threaded

http://www.securityfocus.com/bid/24484

http://www.securitytracker.com/id?1018282

http://www.vupen.com/english/advisories/2007/2316

http://www.vupen.com/english/advisories/2008/0979/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/35050

https://nvd.nist.gov/vuln/detail/CVE-2007-2398

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2398

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2398

EUVD