CVE-2007-3482

{"id": "CVE-2007-3482", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-06-28T18:30:00.000", "references": [{"url": "http://osvdb.org/38860", "source": "cve@mitre.org"}, {"url": "http://www.0x000000.com/?i=371", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24700", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows remote attackers to bypass the \"same origin policy\" and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute."}, {"lang": "es", "value": "Una vulnerabilidad de tipo cross-domain en Apple Safari para Windows versi\u00f3n 3.0.1, permite a atacantes remotos omitir la \"same origin policy\" y acceder a informaci\u00f3n restringida de otros dominios por medio de JavaScript que sobrescribe la variable document y establece est\u00e1ticamente el atributo document.domain."}], "lastModified": "2008-11-15T05:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_nt:3.0.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "03D23398-0916-4E7E-9F22-B01569E3ECD6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}