|
|
CVE Reference: CVE-2007-4692 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4692 |
|
|
Description: The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/38460 SAID Secunia Advisory: SA27643 OSVDB 40662 CONFIRM http://docs.info.apple.com/article.html?artnum=307041 CERT http://www.us-cert.gov/cas/techalerts/TA07-319A.html BID 26444 26447 APPLE http://lists.apple.com/archives/security-announce/2007/Nov/msg00003.html http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html |
|
| Return to the previous page. |
