Vulnerabilities > Apple > Safari > 3.0.3

DATE CVE VULNERABILITY TITLE RISK
2007-09-27 CVE-2007-3758 Cross-site Scripting vulnerability in Apple Safari
Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and in Mac OS X 10.4 through 10.4.10, allows remote attackers to set Javascript window properties for web pages that are in a different domain, which can be leveraged to conduct cross-site scripting (XSS) attacks.
network
apple CWE-79
4.3
4.3
2007-09-27 CVE-2007-3756 Information Exposure vulnerability in Apple Safari
Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain.
network
apple CWE-200
4.3
4.3
2007-09-11 CVE-2007-4812 Buffer Errors vulnerability in Apple Safari 3.0.3
Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string.
network
low complexity
apple CWE-119
5.0
5.0