Back to search
CVE-2007-5858
Published: Dec 19, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://docs.info.apple.com/article.html?artnum=307178
x_refsource_CONFIRM
ADV-2007-4238
vdb-entry
x_refsource_VUPEN
TA07-352A
third-party-advisory
x_refsource_CERT
28136
third-party-advisory
x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=307302
x_refsource_CONFIRM
safari-webkit-security-bypass(39091)
vdb-entry
x_refsource_XF
APPLE-SA-2007-12-17
vendor-advisory
x_refsource_APPLE
28497
third-party-advisory
x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=307179
x_refsource_CONFIRM
26911
vdb-entry
x_refsource_BID
APPLE-SA-2008-01-15
vendor-advisory
x_refsource_APPLE
ADV-2008-0147
vdb-entry
x_refsource_VUPEN
1019108
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now