CVE-2007-2580

Severity

19%

Complexity

34%

Confidentiality

48%

Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an AppleScript script.

Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an AppleScript script.

CVSS 2.0 Base Score 1.9. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:N/A:N).

Overview

First reported 17 years ago

2007-05-09 21:19:00

Last updated 6 years ago

2018-10-16 16:44:00

Affected Software

Apple Safari

References

2685

35569

20070504 safari's saved password at risk

20070514 Apple Safari on MacOSX may reveal user's saved passwords

20070514 RE: Apple Safari on MacOSX may reveal user's saved passwords

20070514 Re: RE: Apple Safari on MacOSX may reveal user's saved passwords

20070515 RE: Apple Safari on MacOSX may reveal user's saved passwords

20070515 Re: Apple Safari on MacOSX may reveal user's saved passwords

20070516 Re: Apple Safari on MacOSX may reveal user's saved passwords

20070516 RE: Apple Safari on MacOSX may reveal user's saved passwords

20070517 Re: Apple Safari on MacOSX may reveal user's saved passwords

23825

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.