Apple iPhone Mobile Safari Browser Window Properties Same Origin Policy Bypass Vulnerability

Bugtraq ID: 25857
Class: Design Error
CVE: CVE-2007-3758
Remote: Yes
Local: No
Published: Sep 27 2007 12:00AM
Updated: Nov 15 2007 12:40AM
Credit: Michal Zalewski of Google Inc. and Secunia Research are credited with the discovery of this vulnerability.
Vulnerable: Apple Safari 3.0.3 Beta for Windows
Apple Safari 3.0.2 Beta for Windows
Apple Safari 3.0.1 Beta for Windows
Apple Safari 3 Beta for Windows
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple iPhone 1.0.1
Apple iPhone 1
Apple iPhone 0
Not Vulnerable: Apple Mac OS X Server 10.4.11
Apple Mac OS X 10.4.11
Apple iPhone 1.1.1


 

Privacy Statement
Copyright 2010, SecurityFocus