Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.900002
Category:General
Title:Apple Safari for Windows Multiple Vulnerabilities July-08
Summary:The host is installed with Apple Safari Web Browser, which is; prone to multiple vulnerabilities.
Description:Summary:
The host is installed with Apple Safari Web Browser, which is
prone to multiple vulnerabilities.

Vulnerability Insight:
The vulnerability exists due to:

- improper handling of BMP and GIF images that can lead to disclosure of
system memory contents.

- handling of files that are downloaded from a website which is in
Internet Explorer 7 Zone with the Launching applications and unsafe files set to
Enable, or in the Internet Explorer 6 Local Intranet or Trusted sites zone causing
safari to launch unsafe executables.

- an error in handling JavaScript arrays that can lead to memory corruption.

Vulnerability Impact:
Successful exploitation by attacker could lead to exposure of
sensitive information, system access or denying the application and allow execution of arbitrary code.

Affected Software/OS:
Apple Safari versions prior to 3.1.2 on Windows (All).

Solution:
Update Safari to version 3.1.2.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 29412
BugTraq ID: 29413
BugTraq ID: 29835
Common Vulnerability Exposure (CVE) ID: CVE-2008-1573
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html
http://www.securityfocus.com/bid/29412
BugTraq ID: 29513
http://www.securityfocus.com/bid/29513
Cert/CC Advisory: TA08-150A
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
http://securitytracker.com/id?1020144
http://secunia.com/advisories/30430
http://secunia.com/advisories/30775
http://www.vupen.com/english/advisories/2008/1697
http://www.vupen.com/english/advisories/2008/1882/references
XForce ISS Database: macosx-imageio-information-disclosure(42721)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42721
Common Vulnerability Exposure (CVE) ID: CVE-2008-2306
http://www.securityfocus.com/bid/29835
CERT/CC vulnerability note: VU#127185
http://www.kb.cert.org/vuls/id/127185
http://www.securitytracker.com/id?1020329
Common Vulnerability Exposure (CVE) ID: CVE-2008-2307
http://lists.apple.com/archives/security-announce/2008//Jun/msg00003.html
http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
BugTraq ID: 29836
http://www.securityfocus.com/bid/29836
CERT/CC vulnerability note: VU#361043
http://www.kb.cert.org/vuls/id/361043
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00279.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00319.html
http://www.securitytracker.com/id?1020330
http://secunia.com/advisories/30801
http://secunia.com/advisories/30992
http://secunia.com/advisories/31074
http://www.vupen.com/english/advisories/2008/1980
http://www.vupen.com/english/advisories/2008/1981/references
http://www.vupen.com/english/advisories/2008/2094/references
CopyrightCopyright (C) 2008 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.