CVE-2004-0720 — Apple Safari vulnerability

2 documents2 sources

Severity

7.5HIGHNVD

EPSS

0.5%

top 32.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedJul 27

Latest updateApr 29

Description

Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDapple/safari1.2.2

🔴Vulnerability Details

GHSA

GHSA-gjvm-4fgg-6qpr: Safari 1↗2022-04-29

▶