| Title |
Apple iPhone Mobile Safari Browser Window Properties Same Origin Policy Bypass Vulnerability |
| Published |
2007-09-27-12:00AM |
| Updated |
2007-11-15-12:40AM |
| Class |
Design Error |
| CVE |
CVE-2007-3758 |
| Remote |
Yes |
| Local |
No |
| Credit |
Michal Zalewski of Google Inc. and Secunia Research are credited with the discovery of this vulnerability. |
| Vulnerable |
Apple Safari 3.0.3
Apple Safari 3.0.2 Beta for Windows
Apple Safari 3.0.1 Beta for Windows
Apple Safari 3 Beta for Windows
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple iPhone 1.0.1
Apple iPhone 1
Apple iPhone 0
|
| Not Vulnerable |
Apple Mac OS X Server 10.4.11
Apple Mac OS X 10.4.11
Apple iPhone 1.1.1
|
| Code |
To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI or visiting an attacker-controlled webpage. |
| TXT |
 |
