CVE-2007-3186
Apple Safari - Access Control
Title source: ruleDescription
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Thor Larholm · htmlremotewindows
https://www.exploit-db.com/exploits/30176
References (10)
Scores
EPSS
0.0925
EPSS Percentile
92.7%
Details
CWE
CWE-264
Status
published
Products (8)
apple/safari
apple/safari
2.0
apple/safari
2.0.1
apple/safari
2.0.2
apple/safari
2.0.3
apple/safari
2.0.4
apple/safari
3.0
apple/safari
3.0.1
Published
Jun 12, 2007
Tracked Since
Feb 18, 2026