Apple Safari for Windows Protocol Handler Command Injection Vulnerability

Bugtraq ID: 24434
Class: Input Validation Error
CVE: CVE-2007-3186
Remote: Yes
Local: No
Published: Jun 12 2007 12:00AM
Updated: Jun 14 2007 01:39PM
Credit: Thor Larholm discovered this vulnerability.
Vulnerable: Apple Safari 2.0.4
Apple Safari 2.0.3
Apple Safari 2.0.2
Apple Safari 2.0.1
+ Apple Mac OS X 10.4.2
+ Apple Mac OS X 10.4.1
+ Apple Mac OS X 10.4
+ Apple Mac OS X Server 10.4.2
+ Apple Mac OS X Server 10.4.1
+ Apple Mac OS X Server 10.4
Apple Safari 3 Beta for Windows
Apple Safari 3 Beta
Apple Mobile Safari 0
+ Apple Mac OS X 10.4.2
+ Apple Mac OS X 10.4.2
+ Apple Mac OS X 10.4.1
+ Apple Mac OS X 10.4.1
+ Apple Mac OS X 10.4
+ Apple Mac OS X 10.4
+ Apple Mac OS X Server 10.4.2
+ Apple Mac OS X Server 10.4.1
+ Apple Mac OS X Server 10.4.1
+ Apple Mac OS X Server 10.4
+ Apple Mac OS X Server 10.4
Not Vulnerable: Apple Safari 3.0.1 Beta for Windows


 

Privacy Statement
Copyright 2010, SecurityFocus