Vulnerabilities > CVE-2007-3759 - Configuration vulnerability in Apple Safari
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 1 | |
Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html
- http://docs.info.apple.com/article.html?artnum=306586
- http://www.securityfocus.com/bid/25853
- http://securitytracker.com/id?1018752
- http://secunia.com/advisories/26983
- http://osvdb.org/38532
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36858