CVE-2007-2399 - Vulnerability Details - OpenCVE

WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Iphone Os Mac Os X Mac Os X Server

Configuration 1 [-]

AND

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:mac_os_x:10.3.9:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.9:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::*

No data.

References

Link	Providers
http://docs.info.apple.com/article.html?artnum=305759
http://docs.info.apple.com/article.html?artnum=306173
http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html
http://osvdb.org/36130
http://osvdb.org/36450
http://secunia.com/advisories/25786
http://secunia.com/advisories/26287
http://www.kb.cert.org/vuls/id/389868
http://www.securityfocus.com/bid/24597
http://www.securitytracker.com/id?1018281
http://www.vupen.com/english/advisories/2007/2296
http://www.vupen.com/english/advisories/2007/2316
http://www.vupen.com/english/advisories/2007/2731
https://exchange.xforce.ibmcloud.com/vulnerabilities/35019

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-25T19:00:00

Updated: 2024-08-07T13:33:28.766Z

Reserved: 2007-04-30T00:00:00

Link: CVE-2007-2399

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-06-25T19:30:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-2399

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-06-22T00:00:00", "descriptions": [{"lang": "en", "value": "WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an \"invalid type conversion\", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-2316", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2316"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=306173"}, {"name": "APPLE-SA-2007-06-22", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"}, {"name": "25786", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25786"}, {"name": "36130", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/36130"}, {"name": "36450", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/36450"}, {"name": "24597", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24597"}, {"name": "26287", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26287"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=305759"}, {"name": "macos-framesets-code-execution(35019)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"}, {"name": "ADV-2007-2731", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2731"}, {"name": "VU#389868", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/389868"}, {"name": "1018281", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018281"}, {"name": "ADV-2007-2296", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2296"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2399", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an \"invalid type conversion\", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-2316", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2316"}, {"name": "http://docs.info.apple.com/article.html?artnum=306173", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=306173"}, {"name": "APPLE-SA-2007-06-22", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"}, {"name": "25786", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25786"}, {"name": "36130", "refsource": "OSVDB", "url": "http://osvdb.org/36130"}, {"name": "36450", "refsource": "OSVDB", "url": "http://osvdb.org/36450"}, {"name": "24597", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24597"}, {"name": "26287", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26287"}, {"name": "http://docs.info.apple.com/article.html?artnum=305759", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=305759"}, {"name": "macos-framesets-code-execution(35019)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"}, {"name": "ADV-2007-2731", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2731"}, {"name": "VU#389868", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/389868"}, {"name": "1018281", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018281"}, {"name": "ADV-2007-2296", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2296"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:33:28.766Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-2316", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2316"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=306173"}, {"name": "APPLE-SA-2007-06-22", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"}, {"name": "25786", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25786"}, {"name": "36130", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/36130"}, {"name": "36450", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/36450"}, {"name": "24597", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24597"}, {"name": "26287", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26287"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=305759"}, {"name": "macos-framesets-code-execution(35019)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"}, {"name": "ADV-2007-2731", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2731"}, {"name": "VU#389868", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/389868"}, {"name": "1018281", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018281"}, {"name": "ADV-2007-2296", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2296"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2399", "datePublished": "2007-06-25T19:00:00", "dateReserved": "2007-04-30T00:00:00", "dateUpdated": "2024-08-07T13:33:28.766Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "6095A36B-BE17-4F65-81E6-2CAFACDF9577", "versionEndIncluding": "1.0", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an \"invalid type conversion\", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption."}, {"lang": "es", "value": "WebKit en Apple Mac OS X versiones 10.3.9, 10.4.9 y posteriores, y iPhone versiones anteriores a 1.0.1, realiza una \"invalid type conversion\", que permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de conjuntos de tramas no especificados que desencadenan una corrupci\u00f3n de memoria."}], "id": "CVE-2007-2399", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-06-25T19:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=305759"}, {"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=306173"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/36130"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/36450"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25786"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26287"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/389868"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24597"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securitytracker.com/id?1018281"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2296"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2316"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2731"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=305759"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=306173"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36130"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36450"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25786"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26287"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/389868"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24597"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securitytracker.com/id?1018281"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2296"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2316"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2731"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35019"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}