CVE-2007-2398 - CVE Reference - Advisories

CVE Reference: CVE-2007-2398

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2398

Description: Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/35050 ST 1018282 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0311.html CONFIRM http://support.apple.com/kb/HT1467 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/471452/100/0/threaded http://www.securityfocus.com/archive/1/471454/100/0/threaded BID 24484 APPLE http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Debian OpenSSL Predictable Random Number Generator and Update

2.	Microsoft Word Two Code Execution Vulnerabilities

3.	Microsoft Malware Protection Engine File Parsing Denial of Service

4.	Ubuntu update for openssl

5.	Microsoft Publisher Object Handler Validation Vulnerability

6.	Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation

7.	Novell Client Login Long Username/Contex t Buffer Overflow

8.	Citrix Access Gateway Unspecified Authentication Bypass

9.	Build A Niche Store "q" Cross-Site Scripting

10.	cPanel Cross-Site Scripting and Request Forgery Vulnerabilities