9.3
CVE-2008-2306
- EPSS 3.81%
- Veröffentlicht 23.06.2008 20:41:00
- Zuletzt bearbeitet 16.06.2026 22:53:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.81% | 0.887 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html
http://secunia.com/advisories/30775
http://www.vupen.com/english/advisories/2008/1882/references
http://www.kb.cert.org/vuls/id/127185
http://www.securityfocus.com/bid/29835
http://www.securitytracker.com/id?1020329