CVE-2007-2409 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-2409

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x	Apple	10.3.9 (including)	10.3.9 (including)
Mac_os_x	Apple	10.4.10 (including)	10.4.10 (including)
Mac_os_x_server	Apple	10.3.9 (including)	10.3.9 (including)
Mac_os_x_server	Apple	10.4.10 (including)	10.4.10 (including)

References

http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://secunia.com/advisories/26235
http://securitytracker.com/id?1018494
http://www.securityfocus.com/bid/25159
http://www.vupen.com/english/advisories/2007/2732
https://exchange.xforce.ibmcloud.com/vulnerabilities/35740