CVE-2007-3185 - Apple Safari Beta 3.0.1 for Windows public beta allows remote attackers to cause a denial of service

CVE-2007-3185

Summary

Apple Safari Beta 3.0.1 for Windows public beta allows remote attackers to cause a denial of service (crash) via unspecified DHTML manipulations that trigger memory corruption, as demonstrated using Hamachi.

References

http://aviv.raffon.net/2007/06/11/AppleSafariForWindowsOutWithACrash.aspx
http://lists.apple.com/archives/security-announce/2007/Jun/msg00000.html
http://osvdb.org/38541
http://www.securityfocus.com/bid/24433
http://www.vupen.com/english/advisories/2007/2192
https://exchange.xforce.ibmcloud.com/vulnerabilities/34846

Vulnerable Configurations

cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*

CVSS

Base:	7.8 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

apple	APPLE-SA-2007-06-14
bid	24433
misc	http://aviv.raffon.net/2007/06/11/AppleSafariForWindowsOutWithACrash.aspx
osvdb	38541
vupen	ADV-2007-2192
xf	safari-feed-dos(34846)

Last major update

29-07-2017 - 01:32

Published

12-06-2007 - 22:30

Last modified

29-07-2017 - 01:32