[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Cross-origin bypass vulnerability in Apple Safari due to a permissions issue - CVE-2017-7090

ID: oval:org.secpod.oval:def:42203Date: (C)2017-09-27   (M)2017-09-27
Class: VULNERABILITYFamily: macos




The host is installed with Apple Safari before 11 and is prone to a cross-origin bypass vulnerability. A flaw is present in the application, which fails to properly handle cookies for custom URL schemes. Successful exploitation may lead to cookies belonging to one origin may be sent to another origin.

Platform:
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X 10.13
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Apple Mac OS X Server 10.12
Apple Mac OS X Server 10.13
Product:
Apple Safari
Reference:
CVE-2017-7090

© 2013 SecPod Technologies