CVE-2007-2400

Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://docs.info.apple.com/article.html?artnum=306173	Vendor Advisory
http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html	Patch Vendor Advisory
http://osvdb.org/36452
http://secunia.com/advisories/26287	Vendor Advisory
http://www.kb.cert.org/vuls/id/289988	US Government Resource
http://www.securityfocus.com/bid/24599	Patch
http://www.securitytracker.com/id?1018282	Patch
http://www.vupen.com/english/advisories/2007/2316	Vendor Advisory
http://www.vupen.com/english/advisories/2007/2731	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:microsoft:windows_vista::::::::
	cpe:2.3:o:microsoft:windows_xp::::::::

OR	cpe:2.3:a:apple:safari:3.0::windows:::::
	cpe:2.3:a:apple:safari:3.0.1::windows:::::

History

No history.

Information

Published : 2007-06-25 19:30

Updated : 2024-02-28 11:01

NVD link : CVE-2007-2400

Mitre link : CVE-2007-2400

CVE.ORG link : CVE-2007-2400

JSON object : View

Products Affected

apple

mac_os_x
safari
iphone_os

microsoft

windows_vista
windows_xp

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2007-2400", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-06-25T19:30:00.000", "references": [{"url": "http://docs.info.apple.com/article.html?artnum=306173", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/36452", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26287", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/289988", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24599", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018282", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2316", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2731", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects."}, {"lang": "es", "value": "Una condici\u00f3n de carrera en Apple Safari versiones 3 Beta anteriores a 3.0.2 en Mac OS X, Windows XP, Windows Vista, y iPhone versiones anteriores a 1.0.1, permite a atacantes remotos omitir el modelo de seguridad de Java y modificar p\u00e1ginas fuera del dominio de seguridad y conducir ataques de tipo cross-site scripting (XSS) por medio de vectores relacionados con la actualizaci\u00f3n de p\u00e1ginas y redireccionamientos de HTTP."}], "lastModified": "2022-08-09T13:46:58.393", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6095A36B-BE17-4F65-81E6-2CAFACDF9577", "versionEndIncluding": "1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:3.0:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A588615E-EE35-4E19-8BDA-598ED9664686"}, {"criteria": "cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E61C168-482B-412A-97E8-B1C651797EDF"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}