Back to search
CVE-2007-2391
Published: Jun 14, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attackers to inject arbitrary web script or HTML via a web page that includes a windows.setTimeout function that is activated after the user has moved from the current page.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
safari-settimeout-security-bypass(34847)
vdb-entry
x_refsource_XF
ADV-2007-2192
vdb-entry
x_refsource_VUPEN
20070613 Re: [Full-disclosure] Apple Safari: cookie stealing
mailing-list
x_refsource_BUGTRAQ
24457
vdb-entry
x_refsource_BID
1018238
vdb-entry
x_refsource_SECTRACK
20070613 Apple Safari: cookie stealing
mailing-list
x_refsource_BUGTRAQ
36605
vdb-entry
x_refsource_OSVDB
APPLE-SA-2007-06-14
vendor-advisory
x_refsource_APPLE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now