Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.802192
Category:Mac OS X Local Security Checks
Title:Apple MAC OS X v10.6.8 Safari Multiple Vulnerabilities
Summary:This host is installed with Safari and is prone to multiple; vulnerabilities.
Description:Summary:
This host is installed with Safari and is prone to multiple
vulnerabilities.

Vulnerability Insight:
The flaws are due to

- A directory traversal issue existed in the handling of safari-extension:// URLs.

- A policy issue existed in the handling of file:// URLs.

- An uninitialized memory access issue existed in the handling of SSL certificates.

- Multiple memory corruption issues existed in WebKit.

- A cross-origin issue existed in the handling of the beforeload event,
window.open method, document.documentURI property and inactive DOM windows
in webkit.

- A logic issue existed in the handling of cookies in Private Browsing mode.

Vulnerability Impact:
Successful exploitation could allow attackers to opening a maliciously
crafted files, which leads to an unexpected application termination or arbitrary code execution.

Affected Software/OS:
Safari version prior to 5.1.1 on MAC OS X/Mac OS X Server 10.6.8.

Solution:
Upgrade to Safari version 5.1.1 on later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-3229
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
http://osvdb.org/76388
XForce ISS Database: safari-safari-extension-code-exec(70566)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70566
Common Vulnerability Exposure (CVE) ID: CVE-2011-3230
BugTraq ID: 50162
http://www.securityfocus.com/bid/50162
http://osvdb.org/76389
XForce ISS Database: apple-safari-code-exec(70567)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70567
Common Vulnerability Exposure (CVE) ID: CVE-2011-3231
http://osvdb.org/76390
XForce ISS Database: apple-safari-ssl-code-exec(70568)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70568
Common Vulnerability Exposure (CVE) ID: CVE-2011-1440
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
Debian Security Information: DSA-2245 (Google Search)
http://www.debian.org/security/2011/dsa-2245
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14083
XForce ISS Database: chrome-ruby-css-code-exec(67147)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67147
Common Vulnerability Exposure (CVE) ID: CVE-2011-2338
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
BugTraq ID: 50066
http://www.securityfocus.com/bid/50066
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17362
Common Vulnerability Exposure (CVE) ID: CVE-2011-2339
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17020
Common Vulnerability Exposure (CVE) ID: CVE-2011-2341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17084
Common Vulnerability Exposure (CVE) ID: CVE-2011-2351
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14053
http://www.securitytracker.com/id?1025730
http://secunia.com/advisories/45097
Common Vulnerability Exposure (CVE) ID: CVE-2011-2352
http://osvdb.org/76339
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17133
XForce ISS Database: itunes-webkit-ce(70496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70496
Common Vulnerability Exposure (CVE) ID: CVE-2011-2354
http://osvdb.org/76340
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16865
XForce ISS Database: apple-itunes-unspec-ce(70499)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70499
Common Vulnerability Exposure (CVE) ID: CVE-2011-2356
http://osvdb.org/76341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17340
XForce ISS Database: apple-itunes-addresssanitizer-ce(70500)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70500
Common Vulnerability Exposure (CVE) ID: CVE-2011-2359
Debian Security Information: DSA-2307 (Google Search)
http://www.debian.org/security/2011/dsa-2307
http://osvdb.org/74229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14671
XForce ISS Database: google-chrome-bad-line-ce(68941)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68941
Common Vulnerability Exposure (CVE) ID: CVE-2011-2788
http://osvdb.org/74238
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14330
XForce ISS Database: google-chrome-inspector-bo(68950)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68950
Common Vulnerability Exposure (CVE) ID: CVE-2011-2790
http://osvdb.org/74240
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14078
XForce ISS Database: google-chrome-floating-ce(68952)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68952
Common Vulnerability Exposure (CVE) ID: CVE-2011-2792
http://osvdb.org/74242
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14511
XForce ISS Database: google-chrome-float-removal-ce(68954)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68954
Common Vulnerability Exposure (CVE) ID: CVE-2011-2797
http://osvdb.org/74247
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14437
XForce ISS Database: google-chrome-resource-ce(68959)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68959
Common Vulnerability Exposure (CVE) ID: CVE-2011-2799
http://osvdb.org/74250
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14617
XForce ISS Database: google-chrome-html-range-ce(68961)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68961
Common Vulnerability Exposure (CVE) ID: CVE-2011-2809
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16724
XForce ISS Database: apple-unspec-webkit-ce(70502)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70502
Common Vulnerability Exposure (CVE) ID: CVE-2011-2811
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17051
Common Vulnerability Exposure (CVE) ID: CVE-2011-2813
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17444
Common Vulnerability Exposure (CVE) ID: CVE-2011-2814
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17383
Common Vulnerability Exposure (CVE) ID: CVE-2011-2815
http://osvdb.org/76382
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17370
XForce ISS Database: apple-itunes-memory-ce(70506)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70506
Common Vulnerability Exposure (CVE) ID: CVE-2011-2816
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17076
Common Vulnerability Exposure (CVE) ID: CVE-2011-2817
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17208
Common Vulnerability Exposure (CVE) ID: CVE-2011-2818
http://osvdb.org/74255
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14674
XForce ISS Database: google-chrome-display-box-ce(68968)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68968
Common Vulnerability Exposure (CVE) ID: CVE-2011-2820
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17211
Common Vulnerability Exposure (CVE) ID: CVE-2011-2823
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13789
Common Vulnerability Exposure (CVE) ID: CVE-2011-2827
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14134
Common Vulnerability Exposure (CVE) ID: CVE-2011-2831
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17317
Common Vulnerability Exposure (CVE) ID: CVE-2011-2832
Common Vulnerability Exposure (CVE) ID: CVE-2011-2833
http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
BugTraq ID: 52365
http://www.securityfocus.com/bid/52365
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17276
http://www.securitytracker.com/id?1026774
http://secunia.com/advisories/48274
http://secunia.com/advisories/48288
http://secunia.com/advisories/48377
XForce ISS Database: apple-webkit-cve20112833-code-execution(73789)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73789
Common Vulnerability Exposure (CVE) ID: CVE-2011-2834
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
Debian Security Information: DSA-2394 (Google Search)
http://www.debian.org/security/2012/dsa-2394
HPdes Security Advisory: HPSBMU02786
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
HPdes Security Advisory: SSRT100877
http://www.mandriva.com/security/advisories?name=MDVSA-2011:145
http://osvdb.org/75560
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410
http://www.redhat.com/support/errata/RHSA-2011-1749.html
RedHat Security Advisories: RHSA-2013:0217
http://rhn.redhat.com/errata/RHSA-2013-0217.html
XForce ISS Database: chrome-libxml-code-execution(69885)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69885
Common Vulnerability Exposure (CVE) ID: CVE-2011-3235
http://osvdb.org/76349
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17170
XForce ISS Database: apple-itunes-itunes-store-ce(70512)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70512
Common Vulnerability Exposure (CVE) ID: CVE-2011-3236
http://osvdb.org/76350
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16714
XForce ISS Database: apple-address-ce(70513)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70513
Common Vulnerability Exposure (CVE) ID: CVE-2011-3237
http://osvdb.org/76351
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17207
XForce ISS Database: apple-itunes-mem-cor-ce(70514)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70514
Common Vulnerability Exposure (CVE) ID: CVE-2011-3238
http://osvdb.org/76384
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17212
XForce ISS Database: itunes-mem-cor-ce(70515)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70515
Common Vulnerability Exposure (CVE) ID: CVE-2011-3239
http://osvdb.org/76386
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17483
XForce ISS Database: apple-mem-cor-ce(70516)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70516
Common Vulnerability Exposure (CVE) ID: CVE-2011-3241
http://osvdb.org/76387
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17401
XForce ISS Database: apple-itunes-webkit-mem-ce(70517)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70517
Common Vulnerability Exposure (CVE) ID: CVE-2011-2800
http://osvdb.org/74251
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14711
XForce ISS Database: google-chrome-redirect-info-disc(68962)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68962
Common Vulnerability Exposure (CVE) ID: CVE-2011-2805
http://osvdb.org/74257
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14583
XForce ISS Database: google-chrome-unspecified-xss(68967)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68967
Common Vulnerability Exposure (CVE) ID: CVE-2011-2819
http://osvdb.org/74258
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13716
XForce ISS Database: google-chrome-uri-security-bypass(68969)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68969
Common Vulnerability Exposure (CVE) ID: CVE-2011-3243
BugTraq ID: 50088
http://www.securityfocus.com/bid/50088
http://osvdb.org/76353
XForce ISS Database: webkit-dom-windows-xss(70564)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70564
Common Vulnerability Exposure (CVE) ID: CVE-2011-3242
http://osvdb.org/76391
XForce ISS Database: safari-browsing-security-bypass(70569)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70569
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.