CVE-2007-0478 - OpenCVE

WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apple	Mac Os X Webcore Safari

Configuration 1 [-]

AND

OR	cpe:2.3:o:apple:mac_os_x:10.3.9:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.10:::::::*

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:a:apple:webcore::::::::

References

Link	Resource
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://osvdb.org/32712
http://secunia.com/advisories/23893	Vendor Advisory
http://secunia.com/advisories/26235	Vendor Advisory
http://securitytracker.com/id?1018494
http://www.beanfuzz.com/wordpress/?p=99
http://www.securityfocus.com/archive/1/457763/100/0/threaded
http://www.securityfocus.com/bid/25159
http://www.vupen.com/english/advisories/2007/2732
https://exchange.xforce.ibmcloud.com/vulnerabilities/31846

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-01-25T00:00:00

Updated: 2018-10-16T14:57:01

Reserved: 2007-01-24T00:00:00

Link: CVE-2007-0478

JSON object: View

NVD Information

Status : Modified

Published: 2007-01-25T00:28:00.000

Modified: 2018-10-16T16:32:57.870

Link: CVE-2007-0478

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-01-23T00:00:00", "descriptions": [{"lang": "en", "value": "WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-2732", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "23893", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23893"}, {"name": "20070123 Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/457763/100/0/threaded"}, {"name": "APPLE-SA-2007-07-31", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "32712", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/32712"}, {"name": "1018494", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018494"}, {"tags": ["x_refsource_MISC"], "url": "http://www.beanfuzz.com/wordpress/?p=99"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "25159", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25159"}, {"name": "safari-html-comment-xss(31846)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31846"}, {"name": "26235", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26235"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0478", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-2732", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "23893", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23893"}, {"name": "20070123 Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/457763/100/0/threaded"}, {"name": "APPLE-SA-2007-07-31", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "32712", "refsource": "OSVDB", "url": "http://osvdb.org/32712"}, {"name": "1018494", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018494"}, {"name": "http://www.beanfuzz.com/wordpress/?p=99", "refsource": "MISC", "url": "http://www.beanfuzz.com/wordpress/?p=99"}, {"name": "http://docs.info.apple.com/article.html?artnum=306172", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "25159", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25159"}, {"name": "safari-html-comment-xss(31846)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31846"}, {"name": "26235", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26235"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0478", "datePublished": "2007-01-25T00:00:00", "dateReserved": "2007-01-24T00:00:00", "dateUpdated": "2018-10-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:webcore:*:*:*:*:*:*:*:*", "matchCriteriaId": "918442A6-677E-47A1-BD22-F0E9FF1E0048", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment."}, {"lang": "es", "value": "En WebCore en Apple Mac OS X versiones 10.3.9 y 10.4.10, tal como es usado en Safari, no analiza de forma apropiada los comentarios HTML en elementos TITLE, lo que permite a los atacantes remotos conducir ataques de tipo Cross-Site Scripting (XSS) y omitir algunos esquemas de protecci\u00f3n XSS insertando ciertas etiquetas HTML dentro de un comentario HTML."}], "id": "CVE-2007-0478", "lastModified": "2018-10-16T16:32:57.870", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-01-25T00:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/32712"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23893"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26235"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018494"}, {"source": "cve@mitre.org", "url": "http://www.beanfuzz.com/wordpress/?p=99"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/457763/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25159"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31846"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}