CVE-2007-3756

Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-09-27 21:17

Updated : 2024-02-28 11:01


NVD link : CVE-2007-3756

Mitre link : CVE-2007-3756

CVE.ORG link : CVE-2007-3756


JSON object : View

Products Affected

apple

  • mac_os_x
  • safari
  • iphone_os

microsoft

  • windows_vista
  • windows_xp
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor