Details of VAR-200709-0211

ID

VAR-200709-0211

CVE

CVE-2007-4812

TITLE

Apple Safari for Windows Document.Location.Hash Buffer Overflow Vulnerability

Trust: 0.9

sources: BID: 26448 // CNNVD: CNNVD-200709-108

DESCRIPTION

Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method. Apple Safari In document.location.hash Contains a flaw in string handling that could lead to a buffer overflow.Created by a third party Web Browsing the browser by browsing the page causes service disruption (DoS) Could be put into a state or execute arbitrary code. Safari for Windows is prone to a buffer overflow that occurs when an attacker entices a victim to view a maliciously crafted webpage. A remote attacker may exploit this issue to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions

Trust: 1.98

sources: NVD: CVE-2007-4812 // JVNDB: JVNDB-2007-000982 // BID: 26448 // VULHUB: VHN-28174

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	eq	version:	3.0.3	Trust: 1.6
vendor:	apple	model:	safari	scope:	lte	version:	3 beta update 3.0.3	Trust: 0.8
vendor:	apple	model:	safari beta for windows	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	apple	model:	safari beta for windows	scope:	eq	version:	3.0.2	Trust: 0.3
vendor:	apple	model:	safari beta for windows	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	apple	model:	safari beta for windows	scope:	eq	version:	3	Trust: 0.3
vendor:	apple	model:	safari beta for windows	scope:	ne	version:	3.0.4	Trust: 0.3

sources: BID: 26448 // JVNDB: JVNDB-2007-000982 // CNNVD: CNNVD-200709-108 // NVD: CVE-2007-4812

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-4812
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-4812
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200709-108
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-28174
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-4812
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-28174
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-28174 // JVNDB: JVNDB-2007-000982 // CNNVD: CNNVD-200709-108 // NVD: CVE-2007-4812

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-28174 // JVNDB: JVNDB-2007-000982 // NVD: CVE-2007-4812

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200709-108

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200709-108

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000982

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-28174

PATCH

title:	Safari 3 Beta Update 3.0.4	url:	http://docs.info.apple.com/article.html?artnum=307038-en	Trust: 0.8
title:	Safari 3 Beta Update 3.0.4	url:	http://docs.info.apple.com/article.html?artnum=307038-ja	Trust: 0.8

sources: JVNDB: JVNDB-2007-000982

EXTERNAL IDS

db:	NVD	id:	CVE-2007-4812	Trust: 2.8
db:	BID	id:	26448	Trust: 2.8
db:	OSVDB	id:	43971	Trust: 1.7
db:	SREASON	id:	3111	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-000982	Trust: 0.8
db:	BUGTRAQ	id:	20070907 SAFARI 3.0.3 (522.15.5) BUFFER OVERFLOW	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2007-11-14	Trust: 0.6
db:	CNNVD	id:	CNNVD-200709-108	Trust: 0.6
db:	SEEBUG	id:	SSVID-84134	Trust: 0.1
db:	EXPLOIT-DB	id:	30767	Trust: 0.1
db:	VULHUB	id:	VHN-28174	Trust: 0.1

sources: VULHUB: VHN-28174 // BID: 26448 // JVNDB: JVNDB-2007-000982 // CNNVD: CNNVD-200709-108 // NVD: CVE-2007-4812

REFERENCES

url:	http://www.securityfocus.com/bid/26448	Trust: 2.5
url:	http://lists.apple.com/archives/security-announce/2007/nov/msg00003.html	Trust: 1.7
url:	http://osvdb.org/43971	Trust: 1.7
url:	http://securityreason.com/securityalert/3111	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/478802/100/0/threaded	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4812	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4812	Trust: 0.8
url:	http://www.securityfocus.com/archive/1/archive/1/478802/100/0/threaded	Trust: 0.6
url:	http://www.apple.com/safari/download/	Trust: 0.3
url:	http://www.apple.com/safari/	Trust: 0.3
url:	/archive/1/478802	Trust: 0.3

sources: VULHUB: VHN-28174 // BID: 26448 // JVNDB: JVNDB-2007-000982 // CNNVD: CNNVD-200709-108 // NVD: CVE-2007-4812

CREDITS

Azizov E. is credited with the discovery of this vulnerability.

Trust: 0.9

sources: BID: 26448 // CNNVD: CNNVD-200709-108

SOURCES

db:	VULHUB	id:	VHN-28174
db:	BID	id:	26448
db:	JVNDB	id:	JVNDB-2007-000982
db:	CNNVD	id:	CNNVD-200709-108
db:	NVD	id:	CVE-2007-4812

LAST UPDATE DATE

2024-08-14T13:03:37.096000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-28174	date:	2018-10-15T00:00:00
db:	BID	id:	26448	date:	2007-11-15T17:14:00
db:	JVNDB	id:	JVNDB-2007-000982	date:	2007-12-07T00:00:00
db:	CNNVD	id:	CNNVD-200709-108	date:	2009-02-05T00:00:00
db:	NVD	id:	CVE-2007-4812	date:	2018-10-15T21:38:14.720

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-28174	date:	2007-09-11T00:00:00
db:	BID	id:	26448	date:	2007-06-25T00:00:00
db:	JVNDB	id:	JVNDB-2007-000982	date:	2007-12-07T00:00:00
db:	CNNVD	id:	CNNVD-200709-108	date:	2007-09-11T00:00:00
db:	NVD	id:	CVE-2007-4812	date:	2007-09-11T18:17:00