CVE-2007-4671 - CVE Reference - Advisories

CVE Reference: CVE-2007-4671

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4671

Description: Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to "alter or access" HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36862 ST 1018752 SAID Secunia Advisory: SA26983 Secunia Advisory: SA27643 CONFIRM http://docs.info.apple.com/article.html?artnum=307041 http://docs.info.apple.com/article.html?artnum=306586 CERT http://www.us-cert.gov/cas/techalerts/TA07-319A.html BID 25852 26444 APPLE http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Microsoft Windows DNS Spoofing Vulnerabilities

2.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

3.	Microsoft Windows Explorer Saved Search Vulnerability

4.	Microsoft SQL Server and MSDE Multiple Vulnerabilities

5.	Joomla Unauthorized Access Vulnerabilities

6.	Microsoft Outlook Web Access Script Insertion Vulnerabilities

7.	Mozilla Firefox Multiple Vulnerabilities

8.	Symantec Brightmail AntiSpam Notifier Denial of Service

9.	Poppler "pageWidgets" Uninitialized Memory Access

10.	Neutrino Atomic Edition Security Bypass Vulnerability