Unrated severityNVD Advisory· Published Jun 23, 2008· Updated Jun 16, 2026
CVE-2008-2306
CVE-2008-2306
Description
Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <=3.1.1
- cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*
- (no CPE)range: <3.1.2
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.