Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2007-2409
- EPSS 1.31%
- Veröffentlicht 03.08.2007 10:17:00
- Zuletzt bearbeitet 16.06.2026 22:39:31
Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window.
4.3
CVE-2007-2410
- EPSS 1.26%
- Veröffentlicht 03.08.2007 10:17:00
- Zuletzt bearbeitet 16.06.2026 22:39:31
WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
4.3
CVE-2007-0478
- EPSS 1.62%
- Veröffentlicht 25.01.2007 00:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:39
WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding ...
1