CVE-2007-2401

Apple Mac OS X <10.4.9 - CRLF Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2401. PoCs published by Richard Moore.

AI-analyzed exploit summary: The provided text describes a cross-site scripting (XSS) vulnerability in Apple WebCore, where improper sanitization of user-supplied input allows arbitrary script execution. The example demonstrates header injection via a newline character in an HTTP request header.

Description

CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializing headers via the setRequestHeader function. NOTE: this issue can be leveraged for cross-site scripting (XSS) attacks.

Exploits (1)

exploitdb · writeup · verified
by Richard Moore · text · remote · osx
https://www.exploit-db.com/exploits/30228

Classification: Writeup (80%)
Attack Type: XSS
Complexity: Trivial
Reliability: Theoretical
Target: Apple WebCore (Safari)
Authentication: none needed
Prerequisites: Victim must visit a malicious website
Analyzed by devstral-2 on Feb 16, 2026

References (15)

Core References (15)
http://www.vupen.com/english/advisories/2007/2316 (Third Party Advisory; vdb-entry, x_refsource_vupen)
http://docs.info.apple.com/article.html?artnum=306173 (Vendor Advisory; x_refsource_confirm)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35017 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_xf)
http://secunia.com/advisories/25786 (Patch, Vendor Advisory; third-party-advisory, x_refsource_secunia)
http://www.westpoint.ltd.uk/advisories/wp-07-0002.txt (Patch, Vendor Advisory; x_refsource_misc)
http://secunia.com/advisories/26287 (Vendor Advisory; third-party-advisory, x_refsource_secunia)
http://www.securityfocus.com/archive/1/472198/100/0/threaded (Third Party Advisory, VDB Entry; mailing-list, x_refsource_bugtraq)
http://docs.info.apple.com/article.html?artnum=305759 (Vendor Advisory; x_refsource_confirm)
http://www.securityfocus.com/bid/24598 (Patch; vdb-entry, x_refsource_bid)
http://www.vupen.com/english/advisories/2007/2731 (Third Party Advisory; vdb-entry, x_refsource_vupen)
http://osvdb.org/36449 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_osvdb)
http://www.securitytracker.com/id?1018281 (Patch; vdb-entry, x_refsource_sectrack)
http://www.vupen.com/english/advisories/2007/2296 (Third Party Advisory; vdb-entry, x_refsource_vupen)
http://www.kb.cert.org/vuls/id/845708 (US Government Resource; third-party-advisory, x_refsource_cert-vn)

Scores

EPSS: 0.0330 (percentile 87.4%)

Details

CWE: CWE-79
Status: published
Products (4)
apple/mac_os_x 10.3.9
apple/mac_os_x 10.4.9
apple/mac_os_x_server 10.3.9
apple/mac_os_x_server 10.4.9
Published: Jun 25, 2007
Tracked Since: Feb 18, 2026