CVE-2007-2401
Apple WebCore - XMLHTTPRequest Cross-Site Scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 1
Exploited in Wild: -
Decision: -
Descriptions
CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializing headers via the setRequestHeader function. NOTE: this issue can be leveraged for cross-site scripting (XSS) attacks.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2007-04-30 CVE Reserved
- 2007-06-22 First Exploit
- 2007-06-25 CVE Published
- 2024-07-13 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (16)

URL | Tag | Source |
---|---|---|
http://docs.info.apple.com/article.html?artnum=305759 | X_refsource_confirm | |
http://docs.info.apple.com/article.html?artnum=306173 | X_refsource_confirm | |
http://osvdb.org/36449 | Vdb Entry | |
http://www.kb.cert.org/vuls/id/845708 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/472198/100/0/threaded | Mailing List | |
http://www.vupen.com/english/advisories/2007/2296 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/2316 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/2731 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/35017 | Vdb Entry | |

URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/30228 | 2007-06-22 | |

URL | Date | SRC |
---|---|---|
http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html | 2022-08-09 | |
http://secunia.com/advisories/25786 | 2022-08-09 | |
http://www.securityfocus.com/bid/24598 | 2022-08-09 | |
http://www.securitytracker.com/id?1018281 | 2022-08-09 | |
http://www.westpoint.ltd.uk/advisories/wp-07-0002.txt | 2022-08-09 | |

URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/26287 | 2022-08-09 | |
Affected Vendors, Products, and Versions

Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Apple | Mac Os X | 10.3.9 | - | Affected | in | Apple | Iphone Os | <= 1.0 | - | Safe |
Apple | Mac Os X | 10.4.9 | - | Affected | in | Apple | Iphone Os | <= 1.0 | - | Safe |
Apple | Mac Os X Server | 10.3.9 | - | Affected | in | Apple | Iphone Os | <= 1.0 | - | Safe |
Apple | Mac Os X Server | 10.4.9 | - | Affected | in | Apple | Iphone Os | <= 1.0 | - | Safe |