CVE-2007-4431 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-4431

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-domain vulnerability in Apple Safari for Windows 3.0.3 and earlier allows remote attackers to bypass the Same Origin Policy, with access from local zones to external domains, via a certain body.innerHTML property value, aka classic JavaScript frame hijacking.

Affected Software

Name	Vendor	Start Version	End Version
Safari	Apple	*	3.0.3 (including)

References

http://osvdb.org/46720
http://sla.ckers.org/forum/read.php?3%2C14151
http://www.0x000000.com/index.php?i=420
http://www.securityfocus.com/bid/25355
http://www.thespanner.co.uk/2007/08/17/safari-beta-zero-day/
http://osvdb.org/46720
http://sla.ckers.org/forum/read.php?3%2C14151
http://www.0x000000.com/index.php?i=420
http://www.securityfocus.com/bid/25355
http://www.thespanner.co.uk/2007/08/17/safari-beta-zero-day/