CVE-2007-3514

{"id": "CVE-2007-3514", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 8.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 7.8, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-07-03T10:30:00.000", "references": [{"url": "http://osvdb.org/38861", "source": "cve@mitre.org"}, {"url": "http://www.0x000000.com/?i=371", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute to a file:// location, a different vector than CVE-2007-3482."}, {"lang": "es", "value": "Vulnerabilidad de dominio cruzado en Apple Safari para Windows 3.0.2 permite a atacantes remotos evitar la Pol\u00edtica de Mismo Origen y acceder a informaci\u00f3n restringida de otros dominios mediante JavaScript que sobrescribe la variable document y establece el atributo document.domain estad\u00edsticamente a unalocalizaci\u00f3n file://, un vector diferente de CVE-2007-3482."}], "lastModified": "2012-10-30T02:52:18.780", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:3.0.2:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32024B14-B4F7-466E-AEF2-0D3A7E8E1060"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}