1. Home
  2. CVE Database
  3. CVE-2007-3514
HIGH · 8.5

CVE-2007-3514

Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrite...

Vulnerability Description

Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute to a file:// location, a different vector than CVE-2007-3482.

CVSS Score

8.5

HIGH

AV:N/AC:L/Au:N/C:C/I:P/A:N
Confidentiality
COMPLETE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
AppleSafari3.0.2

References

FAQ

What is CVE-2007-3514?

CVE-2007-3514 is a vulnerability with a CVSS score of 8.5 (HIGH). Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrite...

How severe is CVE-2007-3514?

CVE-2007-3514 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-3514?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari.