Unrated severityNVD Advisory· Published Aug 3, 2007· Updated Jun 16, 2026
CVE-2007-2410
CVE-2007-2410
Description
WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
Affected products
2cpe:2.3:a:apple:webcore:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:webcore:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/26235nvdPatchVendor Advisory
- securitytracker.com/idnvdPatch
- www.securityfocus.com/bid/25159nvdPatch
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlnvd
- www.vupen.com/english/advisories/2007/2732nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/35743nvd
News mentions
0No linked articles in our index yet.