Unrated severityNVD Advisory· Published Mar 19, 2008· Updated Apr 23, 2026
CVE-2008-1003
CVE-2008-1003
Description
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to sites that set the document.domain property or have the same document.domain.
Affected products
16cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- lists.apple.com/archives/security-announce/2008/Mar/msg00000.htmlnvdPatch
- www.us-cert.gov/cas/techalerts/TA08-079A.htmlnvdUS Government Resource
- docs.info.apple.com/article.htmlnvd
- secunia.com/advisories/29393nvd
- www.securityfocus.com/bid/28290nvd
- www.securityfocus.com/bid/28330nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/0920/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41334nvd
News mentions
0No linked articles in our index yet.