CVE-2007-2580

Apple Safari - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an AppleScript script.

Exploits (1)

exploitdb WORKING POC VERIFIED

by poplix · javascriptlocalosx

https://www.exploit-db.com/exploits/29950

View Code ZIP pw:eip

References (12)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/467676/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468544/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468585/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468639/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468650/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468719/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468727/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468737/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/468869/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/23825

[Third Party Advisory, VDB Entry] http://www.osvdb.org/35569

[Third Party Advisory] http://securityreason.com/securityalert/2685

Scores

EPSS 0.0028

EPSS Percentile 51.7%

Details

Status published

Products (1)

apple/safari

Published May 09, 2007

Tracked Since Feb 18, 2026