CVE-2007-3186
Published: 2007-06-12
Priority: P3 · 50 · critical · CVSS 2.0 base score 9.3 (vector AV:N/AC:M/Au:N/C:C/I:C/A:C)
Tags: EXPLOIT
EPSS: 4.93% (91.0th percentile)

Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
GHSA-2cg6-2qh8-qh5p (CVE-2007-3187) [HIGH] · ghsa_unreviewed · 2022-05-01 · CVSS 7.8
Multiple unspecified vulnerabilities in Apple Safari for Windows allow remote attackers to cause a denial of service or execute arbitrary code, possibly involving memory corruption, and a different issue from CVE-2007-3185 and CVE-2007-3186. NOTE: as of 20070612, the original disclosure has no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
GHSA-wq5q-28hc-6vmg (CVE-2007-3186) [HIGH] · ghsa_unreviewed · 2022-05-01
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2007-0560 [HIGH]
ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user ASCII
Note: the Suricata rules listed on this page are cross-referenced to CVE-2007-0560 and to www.milw0rm.com/exploits/3186 (a server-side SQL injection in an ASP application), not to CVE-2007-3186. They do not detect the Safari IFRAME command-execution issue described above.
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user ASCII"; flow:established,to_server; http.uri; content:"/user.asp?"; nocase; content:"user="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0560; reference:url,www.milw0rm.com/exploits/3186; classtype:web-application-attack; sid:2005174; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2007-0560 [HIGH]
ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user SELECT"; flow:established,to_server; http.uri; content:"/user.asp?"; nocase; content:"user="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0560; reference:url,www.milw0rm.com/exploits/3186; classtype:web-application-attack; sid:2005170; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2007-0560 [HIGH]
ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user DELETE"; flow:established,to_server; http.uri; content:"/user.asp?"; nocase; content:"user="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0560; reference:url,www.milw0rm.com/exploits/3186; classtype:web-application-attack; sid:2005173; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2007-0560 [HIGH]
ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user UPDATE"; flow:established,to_server; http.uri; content:"/user.asp?"; nocase; content:"user="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-0560; reference:url,www.milw0rm.com/exploits/3186; classtype:web-application-attack; sid:2005175; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_t
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2007-0560 [HIGH]
ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user INSERT"; flow:established,to_server; http.uri; content:"/user.asp?"; nocase; content:"user="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-0560; reference:url,www.milw0rm.com/exploits/3186; classtype:web-application-attack; sid:2005172; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2007-0560 [HIGH]
ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS ASP EDGE SQL Injection Attempt -- user.asp user UNION SELECT"; flow:established,to_server; http.uri; content:"/user.asp?"; nocase; content:"user="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0560; reference:url,www.milw0rm.com/exploits/3186; classtype:web-application-attack; sid:2005171; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
No writeups or analysis indexed.
References
- http://larholm.com/2007/06/12/safari-for-windows-0day-exploit-in-2-hours
- http://larholm.com/2007/06/14/safari-301-released/
- http://lists.apple.com/archives/security-announce/2007/Jun/msg00000.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063926.html
- http://osvdb.org/38542
- http://www.securityfocus.com/archive/1/471176/100/0/threaded
- http://www.securityfocus.com/bid/24434
- http://www.securitytracker.com/id?1018224
- http://www.vupen.com/english/advisories/2007/2192
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34824