CVE-2007-2410

Currently unrated

Key Information:

Vendor: Apple
Status: Webcore
Vendor: CVE Published:; 3 August 2007

Summary

WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks.

References

http://www.vupen.com/english/advisories/2007/2732

vdb-entryx_refsource_VUPEN

http://lists.apple.com/archives/security-announce//2007/J...

vendor-advisoryx_refsource_APPLE

http://securitytracker.com/id?1018494

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Aug 3, 2007
Vulnerability Reserved
Apr 30, 2007