var-200708-0466
Vulnerability from variot
WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly recognize an unchecked "Enable Java" setting, which allows remote attackers to execute Java applets via a crafted web page. Apple Safari is prone to a weakness that may result in the execution of potentially malicious Java applets. This issue results from a design error. This weakness arises because the application fails to properly check a security setting. Versions prior to Safari 3.0.3 Beta and Safari 3.0.3 Beta for Windows are vulnerable to this issue. Safari is the WEB browser bundled with the Apple family operating system by default. Safari provides an option to enable Java preferences
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200708-0466",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "3 beta"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari beta for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari beta",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "25157"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
},
{
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rhys Kidd\u203b rhyskidd@gmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2408",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2007-2408",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-25770",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-2408",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-2408",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200708-035",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-25770",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25770"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
},
{
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly recognize an unchecked \"Enable Java\" setting, which allows remote attackers to execute Java applets via a crafted web page. Apple Safari is prone to a weakness that may result in the execution of potentially malicious Java applets. This issue results from a design error. \nThis weakness arises because the application fails to properly check a security setting. \nVersions prior to Safari 3.0.3 Beta and Safari 3.0.3 Beta for Windows are vulnerable to this issue. Safari is the WEB browser bundled with the Apple family operating system by default. Safari provides an option to enable Java preferences",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2408"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"db": "BID",
"id": "25157"
},
{
"db": "VULHUB",
"id": "VHN-25770"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2408",
"trust": 2.8
},
{
"db": "BID",
"id": "25157",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2730",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948",
"trust": 0.8
},
{
"db": "XF",
"id": "35714",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200708-035",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-25770",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25770"
},
{
"db": "BID",
"id": "25157"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
},
{
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"id": "VAR-200708-0466",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25770"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:20:36.352000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Safari 3 Beta Update 3.0.3",
"trust": 0.8,
"url": "http://support.apple.com/kb/TA24875?viewlocale=en_US"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25770"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25157"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=306174"
},
{
"trust": 1.7,
"url": "http://isc.sans.org/diary.html?storyid=3214"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/2730"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35714"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2408"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2408"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2730"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/35714"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25770"
},
{
"db": "BID",
"id": "25157"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
},
{
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25770"
},
{
"db": "BID",
"id": "25157"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
},
{
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-08-03T00:00:00",
"db": "VULHUB",
"id": "VHN-25770"
},
{
"date": "2007-07-31T00:00:00",
"db": "BID",
"id": "25157"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"date": "2007-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-035"
},
{
"date": "2007-08-03T20:17:00",
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-25770"
},
{
"date": "2007-08-01T21:25:00",
"db": "BID",
"id": "25157"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001948"
},
{
"date": "2007-08-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-035"
},
{
"date": "2024-11-21T00:30:42.970000",
"db": "NVD",
"id": "CVE-2007-2408"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari of WebKit In Java Applet execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001948"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-035"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…