7.1

CVE-2007-2398

EPSS 1.56%
Published 21.06.2007 10:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks.

Affected products Warnungen 0 Metrics 2 CWE 0 References 15

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ Safari Version3.0.1 Editionwindows

Microsoft ≫ Windows 2003 Server Versionsp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.56%	0.808

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:C/A:N

http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0311.html

http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html

http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html

http://osvdb.org/38862

http://support.apple.com/kb/HT1467

http://www.securityfocus.com/archive/1/471452/100/0/threaded

http://www.securityfocus.com/archive/1/471454/100/0/threaded

http://www.securityfocus.com/bid/24484

http://www.securitytracker.com/id?1018282

http://www.vupen.com/english/advisories/2007/2316

http://www.vupen.com/english/advisories/2008/0979/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/35050

https://nvd.nist.gov/vuln/detail/CVE-2007-2398

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2398

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2398

EUVD