9.3
CVE-2007-2399
- EPSS 7.29%
- Veröffentlicht 25.06.2007 19:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.29% | 0.936 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.vupen.com/english/advisories/2007/2316
http://docs.info.apple.com/article.html?artnum=305759
http://docs.info.apple.com/article.html?artnum=306173
http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html
http://osvdb.org/36130
http://osvdb.org/36450
http://secunia.com/advisories/25786
http://secunia.com/advisories/26287
http://www.kb.cert.org/vuls/id/389868
http://www.securityfocus.com/bid/24597
http://www.securitytracker.com/id?1018281
http://www.vupen.com/english/advisories/2007/2296
http://www.vupen.com/english/advisories/2007/2731
https://exchange.xforce.ibmcloud.com/vulnerabilities/35019