Описание
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apple:safari:*:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*
EPSS
Процентиль: 93%
0.09252
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
EPSS
Процентиль: 93%
0.09252
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-264