Vulnerabilities > CVE-2007-3514 - Security Bypass vulnerability in Apple Safari 3.0.2

CVSS 8.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

apple

NVD

Published: 2007-07-03

Updated: 2012-10-30

Summary

Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute to a file:// location, a different vector than CVE-2007-3482.

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Safari 3.0.2	1

References

http://osvdb.org/38861
http://www.0x000000.com/?i=371