admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-12-13 16:24:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-24xx/CVE-2007-2400.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

241 lines
6.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-2400",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-06-25T19:30:00.000",
"lastModified": "2024-11-21T00:30:41.750",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects."
},
{
"lang": "es",
"value": "Una condici\u00f3n de carrera en Apple Safari versiones 3 Beta anteriores a 3.0.2 en Mac OS X, Windows XP, Windows Vista, y iPhone versiones anteriores a 1.0.1, permite a atacantes remotos omitir el modelo de seguridad de Java y modificar p\u00e1ginas fuera del dominio de seguridad y conducir ataques de tipo cross-site scripting (XSS) por medio de vectores relacionados con la actualizaci\u00f3n de p\u00e1ginas y redireccionamientos de HTTP."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"baseScore": 4.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "6095A36B-BE17-4F65-81E6-2CAFACDF9577"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "A588615E-EE35-4E19-8BDA-598ED9664686"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "3E61C168-482B-412A-97E8-B1C651797EDF"
}
]
}
]
}
],
"references": [
{
"url": "http://docs.info.apple.com/article.html?artnum=306173",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://osvdb.org/36452",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/26287",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/289988",
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.securityfocus.com/bid/24599",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://www.securitytracker.com/id?1018282",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/2316",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/2731",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://docs.info.apple.com/article.html?artnum=306173",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://osvdb.org/36452",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/26287",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/289988",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.securityfocus.com/bid/24599",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "http://www.securitytracker.com/id?1018282",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/2316",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/2731",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink