Test ID:	1.3.6.1.4.1.25623.1.0.800834
Category:	Denial of Service
Title:	Apple Safari DoS or XSS Vulnerability - July09
Summary:	This host is installed with Apple Safari Web Browser and is prone to Denial; of Service or Cross-Site Scripting vulnerability.
Description:	Summary: This host is installed with Apple Safari Web Browser and is prone to Denial of Service or Cross-Site Scripting vulnerability. Vulnerability Insight: - Error in 'WebKit' is allow user to inject arbitrary web script or HTML via vectors related to parent and top objects. - Error in 'WebKit' is fails to handle numeric character references via a crafted HTML document. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary code and can cause memory corruption, XSS attacks and can deny the service in the victim's system. Affected Software/OS: Apple Safari version prior to 4.0.2 on Windows. Solution: Upgrade to Safari version 4.0.2 (4.30.19.1). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	BugTraq ID: 35441 BugTraq ID: 35607 Common Vulnerability Exposure (CVE) ID: CVE-2009-1724 http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html http://www.securityfocus.com/bid/35441 http://osvdb.org/55738 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208 http://www.securitytracker.com/id?1022525 http://secunia.com/advisories/35758 http://secunia.com/advisories/36677 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2009/1827 http://www.vupen.com/english/advisories/2011/0212 Common Vulnerability Exposure (CVE) ID: CVE-2009-1725 http://www.securityfocus.com/bid/35607 Debian Security Information: DSA-1950 (Google Search) http://www.debian.org/security/2009/dsa-1950 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:330 http://osvdb.org/55739 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777 http://www.securitytracker.com/id?1022526 http://secunia.com/advisories/36057 http://secunia.com/advisories/36062 http://secunia.com/advisories/36347 http://secunia.com/advisories/36790 http://secunia.com/advisories/37746 http://www.ubuntu.com/usn/USN-836-1 http://www.ubuntu.com/usn/USN-857-1
Copyright	Copyright (C) 2009 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.