Vulnerability Description
Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect.
CVSS Score
6.8
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone | 1.0 |
| Apple | Iphone Os | 1.0.1 |
| Apple | Safari | All versions |
Related Weaknesses (CWE)
References
- http://docs.info.apple.com/article.html?artnum=306586
- http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.htmlPatch
- http://osvdb.org/38532
- http://secunia.com/advisories/26983
- http://securitytracker.com/id?1018752
- http://www.securityfocus.com/bid/25853
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36858
- http://docs.info.apple.com/article.html?artnum=306586
- http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.htmlPatch
- http://osvdb.org/38532
- http://secunia.com/advisories/26983
- http://securitytracker.com/id?1018752
- http://www.securityfocus.com/bid/25853
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36858
FAQ
What is CVE-2007-3759?
CVE-2007-3759 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect.
How severe is CVE-2007-3759?
CVE-2007-3759 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3759?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone, Apple Iphone Os, Apple Safari.