CVE-2007-2398 — Apple Safari vulnerability

2 documents2 sources

Severity

7.1HIGHNVD

EPSS

1.6%

top 18.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedJun 21

Latest updateMay 1

Description

Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks.

CVSS vector

AV:N/AC:M/C:N/I:C/A:NExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

▶NVDapple/safari3.0.1

🔴Vulnerability Details

GHSA

GHSA-7vvf-9wv5-9fw7: Apple Safari 3↗2022-05-01

▶