cvelistv5 - cve-2007-2399

CVE-2007-2399 (GCVE-0-2007-2399)

Vulnerability from cvelistv5

Published

2007-06-25 19:00

Modified

2024-08-07 13:33

Severity ?

CWE

Summary

WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/2316	vdb-entry, x_refsource_VUPEN
	http://docs.info.apple.com/article.html?artnum=306173	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/25786	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/36130	vdb-entry, x_refsource_OSVDB
	http://osvdb.org/36450	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/24597	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/26287	third-party-advisory, x_refsource_SECUNIA
	http://docs.info.apple.com/article.html?artnum=305759	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/35019	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2007/2731	vdb-entry, x_refsource_VUPEN
	http://www.kb.cert.org/vuls/id/389868	third-party-advisory, x_refsource_CERT-VN
	http://www.securitytracker.com/id?1018281	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2007/2296	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:33:28.766Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2316"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=306173"
          },
          {
            "name": "APPLE-SA-2007-06-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"
          },
          {
            "name": "25786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25786"
          },
          {
            "name": "36130",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36130"
          },
          {
            "name": "36450",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36450"
          },
          {
            "name": "24597",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24597"
          },
          {
            "name": "26287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=305759"
          },
          {
            "name": "macos-framesets-code-execution(35019)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"
          },
          {
            "name": "ADV-2007-2731",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2731"
          },
          {
            "name": "VU#389868",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/389868"
          },
          {
            "name": "1018281",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018281"
          },
          {
            "name": "ADV-2007-2296",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2296"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an \"invalid type conversion\", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2316"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=306173"
        },
        {
          "name": "APPLE-SA-2007-06-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"
        },
        {
          "name": "25786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25786"
        },
        {
          "name": "36130",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36130"
        },
        {
          "name": "36450",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36450"
        },
        {
          "name": "24597",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24597"
        },
        {
          "name": "26287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=305759"
        },
        {
          "name": "macos-framesets-code-execution(35019)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"
        },
        {
          "name": "ADV-2007-2731",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2731"
        },
        {
          "name": "VU#389868",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/389868"
        },
        {
          "name": "1018281",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018281"
        },
        {
          "name": "ADV-2007-2296",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2296"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2399",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an \"invalid type conversion\", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2316",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2316"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=306173",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=306173"
            },
            {
              "name": "APPLE-SA-2007-06-22",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"
            },
            {
              "name": "25786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25786"
            },
            {
              "name": "36130",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36130"
            },
            {
              "name": "36450",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36450"
            },
            {
              "name": "24597",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24597"
            },
            {
              "name": "26287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26287"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305759",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=305759"
            },
            {
              "name": "macos-framesets-code-execution(35019)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"
            },
            {
              "name": "ADV-2007-2731",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2731"
            },
            {
              "name": "VU#389868",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/389868"
            },
            {
              "name": "1018281",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018281"
            },
            {
              "name": "ADV-2007-2296",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2296"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2399",
    "datePublished": "2007-06-25T19:00:00.000Z",
    "dateReserved": "2007-04-30T00:00:00.000Z",
    "dateUpdated": "2024-08-07T13:33:28.766Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-277

Vulnerability from certfr_avis

Deux vulnérabilités ont été identifiées dans le système d'exploitation MacOS X. Leur exploitation, par le biais d'une navigation sur une page malveillante, peut entraîner une injection de code indirecte (cross-site scripting), un dysfonctionnement de l'application voire l'exécution de code arbitraire sur le système vulnérable.

Description

Deux vulnérabilités ont été identifiées dans le système d'exploitation MacOS X.

WebCore, et en particulier XMLHttpRequest ne manipulerait pas correctement certaines requêtes HTTP. Cette vulnérabilité pourrait amener un utilisateur naviguant sur une page malveillante à conduire une attaque par injection de code indirecte (cross-site scripting) ;
WebKit ne convertirait pas correctement certains types au cours du rendu des cadres dans une page, pouvant provoquer une corruption de la mémoire. Cette vulnérabilité peut être exploitée par le biais d'une page Web spécialement construite : celle-ci provoquerait un dysfonctionnement de l'application voire l'exécution de code arbitraire sur le système vulnérable.

Solution

Se référer au bulletin de sécurité 2007-006 de l'éditeur Apple pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	macOS	MacOS X Server v10.3.9 ;
Apple	macOS	MacOS X Server v10.4.9 ou une version plus ancienne.
Apple	macOS	MacOS X v10.3.9 ;
Apple	macOS	MacOS X v10.4.9 ou une version plus ancienne ;

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted