Details of VAR-200708-0454

ID

VAR-200708-0454

CVE

CVE-2007-3743

TITLE

Apple Safari Vulnerable to stack-based buffer overflow in bookmark processing

Trust: 0.8

sources: JVNDB: JVNDB-2007-002335

DESCRIPTION

Stack-based buffer overflow in bookmark handling in Apple Safari 3 Beta before Update 3.0.3 on Windows allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a bookmark with a long title. Safari for Windows is prone to a buffer-overflow vulnerability. This issue is triggered when an attacker entices a victim to bookmark a maliciously crafted site. A remote attacker may exploit this issue to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Safari is the WEB browser bundled with the Apple family operating system by default. When Safari 3 Beta for Windows is upgraded to version 3.0.3, there is a buffer overflow vulnerability when dealing with super long titles in web pages. Remote attackers may take advantage of this vulnerability to control the user's machine. Safari on Windows does not properly handle title fields in web pages. If the length of this field is greater than 1024 bytes, a buffer overflow will be triggered when the user visits the page and performs the bookmark operation, resulting in the execution of arbitrary instructions in the browser session

Trust: 1.98

sources: NVD: CVE-2007-3743 // JVNDB: JVNDB-2007-002335 // BID: 24619 // VULHUB: VHN-27105

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	lte	version:	3.0.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	update 3.0.3	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	3 bata	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	3.0.2	Trust: 0.6
vendor:	apple	model:	safari beta for windows	scope:	eq	version:	3.0.2	Trust: 0.3
vendor:	apple	model:	safari beta for windows	scope:	ne	version:	3.0.3	Trust: 0.3

sources: BID: 24619 // JVNDB: JVNDB-2007-002335 // CNNVD: CNNVD-200708-013 // NVD: CVE-2007-3743

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-3743
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-3743
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200708-013
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-27105
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-3743
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-27105
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-27105 // JVNDB: JVNDB-2007-002335 // CNNVD: CNNVD-200708-013 // NVD: CVE-2007-3743

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-27105 // JVNDB: JVNDB-2007-002335 // NVD: CVE-2007-3743

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200708-013

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200708-013

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-002335

PATCH

title:

Safari 3 Beta Update 3.0.3

url:

http://support.apple.com/kb/TA24875?viewlocale=en_US

Trust: 0.8

sources: JVNDB: JVNDB-2007-002335

EXTERNAL IDS

db:	NVD	id:	CVE-2007-3743	Trust: 2.8
db:	SECTRACK	id:	1018495	Trust: 1.7
db:	OSVDB	id:	40882	Trust: 1.1
db:	JVNDB	id:	JVNDB-2007-002335	Trust: 0.8
db:	XF	id:	35712	Trust: 0.6
db:	CNNVD	id:	CNNVD-200708-013	Trust: 0.6
db:	BID	id:	24619	Trust: 0.3
db:	VULHUB	id:	VHN-27105	Trust: 0.1

sources: VULHUB: VHN-27105 // BID: 24619 // JVNDB: JVNDB-2007-002335 // CNNVD: CNNVD-200708-013 // NVD: CVE-2007-3743

REFERENCES

url:	http://docs.info.apple.com/article.html?artnum=306174	Trust: 1.7
url:	http://isc.sans.org/diary.html?storyid=3214	Trust: 1.7
url:	http://www.securitytracker.com/id?1018495	Trust: 1.7
url:	http://osvdb.org/40882	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/35712	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3743	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3743	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/35712	Trust: 0.6
url:	http://www.apple.com/safari/	Trust: 0.3
url:	/archive/1/472209	Trust: 0.3

sources: VULHUB: VHN-27105 // BID: 24619 // JVNDB: JVNDB-2007-002335 // CNNVD: CNNVD-200708-013 // NVD: CVE-2007-3743

CREDITS

E.Azizov※ azizov@itdefence.ru

Trust: 0.6

sources: CNNVD: CNNVD-200708-013

SOURCES

db:	VULHUB	id:	VHN-27105
db:	BID	id:	24619
db:	JVNDB	id:	JVNDB-2007-002335
db:	CNNVD	id:	CNNVD-200708-013
db:	NVD	id:	CVE-2007-3743

LAST UPDATE DATE

2024-08-14T14:08:08.641000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-27105	date:	2017-07-29T00:00:00
db:	BID	id:	24619	date:	2016-07-05T22:00:00
db:	JVNDB	id:	JVNDB-2007-002335	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200708-013	date:	2007-08-06T00:00:00
db:	NVD	id:	CVE-2007-3743	date:	2017-07-29T01:32:30.457

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-27105	date:	2007-08-03T00:00:00
db:	BID	id:	24619	date:	2007-06-25T00:00:00
db:	JVNDB	id:	JVNDB-2007-002335	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200708-013	date:	2007-06-24T00:00:00
db:	NVD	id:	CVE-2007-3743	date:	2007-08-03T20:17:00