Vulnerabilities > CVE-2007-2580 - Local vulnerability in Apple Safari
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an AppleScript script.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Apple 2.0.4 Safari Unspecified Local Vulnerability. CVE-2007-2580. Local exploit for osx platform |
| id | EDB-ID:29950 |
| last seen | 2016-02-03 |
| modified | 2007-05-04 |
| published | 2007-05-04 |
| reporter | poplix |
| source | https://www.exploit-db.com/download/29950/ |
| title | Apple <= 2.0.4 Safari Unspecified Local Vulnerability |
References
- http://securityreason.com/securityalert/2685
- http://www.osvdb.org/35569
- http://www.securityfocus.com/archive/1/467676/100/0/threaded
- http://www.securityfocus.com/archive/1/468544/100/0/threaded
- http://www.securityfocus.com/archive/1/468585/100/0/threaded
- http://www.securityfocus.com/archive/1/468639/100/0/threaded
- http://www.securityfocus.com/archive/1/468650/100/0/threaded
- http://www.securityfocus.com/archive/1/468719/100/0/threaded
- http://www.securityfocus.com/archive/1/468727/100/0/threaded
- http://www.securityfocus.com/archive/1/468737/100/0/threaded
- http://www.securityfocus.com/archive/1/468869/100/0/threaded
- http://www.securityfocus.com/bid/23825