CVE-2007-4671

Name of the Vulnerable Software and Affected Versions: Safari versions prior to 3.0.4 on Windows and Mac OS X Safari in Apple iPhone version 1.1.1

Description: The issue allows remote attackers to alter or access HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain.

Recommendations: For Safari versions prior to 3.0.4 on Windows and Mac OS X, update to version 3.0.4 or later to resolve the issue. For Safari in Apple iPhone version 1.1.1, there is no information about a newer version that contains a fix for this vulnerability.