CVE-2007-3376 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

2 documents2 sources

Severity

9.3CRITICALNVD

EPSS

4.8%

top 10.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedJun 25

Latest updateMay 1

Description

Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/safari3.0.2

🔴Vulnerability Details

GHSA

GHSA-m8c6-398r-jfvx: Buffer overflow in Apple Safari 3↗2022-05-01

▶