Vulnerability Name:

CVE-2007-2400 (CCN-35053)

Assigned:2007-06-22
Published:2007-06-22
Updated:2022-08-09
Summary:Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-79
CWE-362
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2007-2400

Source: CCN
Type: iPhone v1.0.1 Update
About the security content of iPhone v1.0.1 Update

Source: CONFIRM
Type: Vendor Advisory
http://docs.info.apple.com/article.html?artnum=306173

Source: APPLE
Type: Patch, Vendor Advisory
APPLE-SA-2007-06-22

Source: CCN
Type: APPLE-SA-2007-07-30
Safari 3 Beta Update 3.0.2

Source: OSVDB
Type: UNKNOWN
36452

Source: CCN
Type: SA26287
Apple iPhone Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
26287

Source: CCN
Type: SECTRACK ID: 1018282
Apple Safar Bugs Let Remote Users Modify the Address Bar and Conduct Cross-Domain Scripting Attacks

Source: CCN
Type: Apple Safari Web site
Apple - Safari 3 Public Beta

Source: CCN
Type: US-CERT VU#289988
Apple Safari cross-domain HTTP redirection race condition

Source: CERT-VN
Type: US Government Resource
VU#289988

Source: CCN
Type: OSVDB ID: 36452
Apple Safari / iPhone HTTP Redirect Unspecified JavaScript Security Model

Source: BID
Type: Patch
24599

Source: CCN
Type: BID-24599
Apple Safari Cross-Domain Race Condition Information Disclosure Vulnerability

Source: SECTRACK
Type: Patch
1018282

Source: VUPEN
Type: Vendor Advisory
ADV-2007-2316

Source: VUPEN
Type: Vendor Advisory
ADV-2007-2731

Source: XF
Type: UNKNOWN
safari-http-redirection-xss(35053)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:apple:iphone_os:*:*:*:*:*:*:*:* (Version <= 1.0)
  • AND
  • cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:*:*:*:*:*:*
  • AND
  • cpe:/a:apple:safari:3.0.1:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0:*:windows:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apple:safari:3.0.1:beta:*:*:*:*:*:*
  • AND
  • cpe:/o:apple:iphone_os:1.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apple iphone os *
    microsoft windows vista *
    apple mac os x *
    microsoft windows xp *
    apple safari 3.0.1
    apple safari 3.0
    apple safari 3.0.1 beta
    apple iphone 1.0