CVE-2003-0975
5
CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Description
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None
Affected Software Configurations
- a apple safari 1.0 * * * * * * *
- a apple safari 1.1 * * * * * * *
- o apple mac_os_x 10.2.8 * * * * * * *
- o apple mac_os_x 10.3.1 * * * * * * *
- o apple mac_os_x_server 10.2.8 * * * * * * *
- o apple mac_os_x_server 10.3.1 * * * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://docs.info.apple.com/article.html?artnum=61798
- http://lists.apple.com/mhonarc/security-announce/msg00042.html
- http://marc.info/?l=bugtraq&m=106917674428552&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7973
- http://docs.info.apple.com/article.html?artnum=61798
- http://lists.apple.com/mhonarc/security-announce/msg00042.html
- http://marc.info/?l=bugtraq&m=106917674428552&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7973