CVE-2007-3482

Apple Safari - XSS

Title source: rule

Description

Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows remote attackers to bypass the "same origin policy" and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute.

References (3)

[Third Party Advisory, VDB Entry] http://osvdb.org/38860

[Various Sources] http://www.0x000000.com/?i=371

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24700

Scores

EPSS 0.0030

EPSS Percentile 53.4%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

apple/safari

Timeline

Published Jun 28, 2007

Tracked Since Feb 18, 2026