Search criteria
21 vulnerabilities found for cfnetwork by apple
VAR-201008-0308
Vulnerability from variot - Updated: 2023-12-18 12:31CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses. Apple Mac OS X is prone to an information-disclosure vulnerability that exists in the CFNetwork component. An attacker can exploit this issue to redirect connections and intercept user credentials or other sensitive information. This may lead to other attacks. This issue does not affect the Apple Mail application. Mac OS X 10.6.4, Mac OS X Server 10.6.4 and prior are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201008-0308",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cfnetwork",
"scope": null,
"trust": 1.4,
"vendor": "apple",
"version": null
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "cfnetwork",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
}
],
"sources": [
{
"db": "BID",
"id": "42651"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1800"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bjurman of Sirius IT, Jean-Luc Giraud of Citrix, and Aaron Sigel of vtty.com",
"sources": [
{
"db": "BID",
"id": "42651"
}
],
"trust": 0.3
},
"cve": "CVE-2010-1800",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2010-1800",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-44405",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-1800",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201008-293",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-44405",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44405"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses. Apple Mac OS X is prone to an information-disclosure vulnerability that exists in the CFNetwork component. \nAn attacker can exploit this issue to redirect connections and intercept user credentials or other sensitive information. This may lead to other attacks. \nThis issue does not affect the Apple Mail application. \nMac OS X 10.6.4, Mac OS X Server 10.6.4 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"db": "BID",
"id": "42651"
},
{
"db": "VULHUB",
"id": "VHN-44405"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1800",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1024359",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201008-293",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2010-08-24-1",
"trust": 0.6
},
{
"db": "BID",
"id": "42651",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-44405",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44405"
},
{
"db": "BID",
"id": "42651"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
]
},
"id": "VAR-201008-0308",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44405"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:31:29.372000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4312",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4312"
},
{
"title": "HT4312",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4312?viewlocale=ja_jp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44405"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"db": "NVD",
"id": "CVE-2010-1800"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1024359"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2010//aug/msg00003.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4312"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1800"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1800"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44405"
},
{
"db": "BID",
"id": "42651"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-44405"
},
{
"db": "BID",
"id": "42651"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-25T00:00:00",
"db": "VULHUB",
"id": "VHN-44405"
},
{
"date": "2010-08-24T00:00:00",
"db": "BID",
"id": "42651"
},
{
"date": "2010-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"date": "2010-08-25T20:00:16.737000",
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"date": "2010-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-26T00:00:00",
"db": "VULHUB",
"id": "VHN-44405"
},
{
"date": "2010-08-24T00:00:00",
"db": "BID",
"id": "42651"
},
{
"date": "2010-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001970"
},
{
"date": "2010-08-26T04:00:00",
"db": "NVD",
"id": "CVE-2010-1800"
},
{
"date": "2010-09-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X of CFNetwork Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001970"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-293"
}
],
"trust": 0.6
}
}
VAR-200701-0397
Vulnerability from variot - Updated: 2023-12-18 11:52The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference. Apple CFNetwork Framework is prone to a denial-of-service vulnerability. Attackers may exploit this issue by issuing a maliciously designed HTTP response to a client application that uses the vulnerable CFNetwork API. Successful exploits will result in denial-of-service conditions within client applications. CFNetwork 129.19 on Mac OS X 10.4.8 is vulnerable to this issue. Remote attackers may use this vulnerability to cause the client to crash. CFNetwork is a Core Services framework that provides the function libraries needed to decompress network protocols. This vulnerability can be triggered if the server sends a specially crafted response to a client using this API, resulting in a denial of service condition.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA27643
VERIFY ADVISORY: http://secunia.com/advisories/27643/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
1) Multiple errors within the Adobe Flash Player plug-in can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.
For more information: SA26027
2) A null-pointer dereference error exists within AppleRAID when handling disk images. This can be exploited to cause a system shutdown when a specially crafted disk image is mounted e.g. automatically via Safari if the option "Open 'safe' files after downloading" is enabled.
3) An error in BIND can be exploited by malicious people to poison the DNS cache.
For more information: SA26152
4) An error in bzip2 can be exploited to cause a DoS (Denial of Service).
For more information: SA15447
This also fixes a race condition when setting file permissions.
5) An unspecified error in the implementation of FTP of CFNetwork can be exploited by a malicious FTP server to cause the client to connect to other hosts by sending specially crafted replies to FTP PASV (passive) commands.
6) An unspecified error exists in the validation of certificates within CFNetwork. This can be exploited via a Man-in-the-Middle (MitM) attack to spoof a web site with a trusted certificate.
7) A null pointer dereference error in the CFNetwork framework can lead to an unexpected application termination when a vulnerable application connects to a malicious server.
8) A boundary error in CoreFoundation can be exploited to cause a one-byte buffer overflow when a user is enticed to read a specially crafted directory hierarchy.
Successful exploitation allows execution of arbitrary code.
9) An error exists in CoreText due to the use of an uninitialised pointer and can be exploited to execute arbitrary code when a user is tricked into reading a specially crafted text.
10) Some vulnerabilities in Kerberos can be exploited by malicious users and malicious people to compromise a vulnerable system.
For more information: SA26676
11) An error in the handling of the current Mach thread port or thread exception port in the Kernel can be exploited by a malicious, local user to execute arbitrary code with root privileges.
Successful exploitation requires permission to execute a setuid binary.
12) An unspecified error in the Kernel can be exploited to bypass the chroot mechanism by changing the working directory using a relative path.
13) An integer overflow error in the "i386_set_ldt" system call can be exploited by malicious, local users to execute arbitrary code with escalated privileges.
14) An error exists in the handling of standard file descriptors while executing setuid and setgid programs. This can be exploited by malicious, local users to gain system privileges by executing setuid programs with the standard file descriptors in an unexpected state.
15) An integer overflow exists in the Kernel when handling ioctl requests. This can be exploited to execute arbitrary code with system privileges by sending a specially crafted ioctl request.
16) The default configuration of tftpd allows clients to access any path on the system.
17) An error in the Node Information Query mechanism may allow a remote user to query for all addresses of a host, including link-local addresses.
18) An integer overflow exists in the handling of ASP messages with AppleTalk. This can be exploited by malicious, local users to cause a heap-based buffer overflow and to execute arbitrary code with system privileges by sending a maliciously crafted ASP message on an AppleTalk socket.
19) A double-free error in the handling of certain IPV6 packets can potentially be exploited to execute arbitrary code with system privileges.
20) A boundary error exists when adding a new AppleTalk zone. This can be exploited to cause a stack-based buffer overflow by sending a maliciously crafted ioctl request to an AppleTalk socket and allows execution of arbitrary code with system privileges.
21) An arithmetic error exists in AppleTalk when handling memory allocations. This can be exploited by malicious, local users to cause a heap-based buffer overflow and execute arbitrary code with system privileges by sending a maliciously crafted AppleTalk message.
22) A double free error in NFS exists when processing an AUTH_UNIX RPC call. This can be exploited by malicious people to execute arbitrary code by sending a maliciously crafted AUTH_UNIX RPC call via TCP or UDP.
23) An unspecified case-sensitivity error exists in NSURL when determining if a URL references the local file system.
24) A format string error in Safari can be exploited by malicious people to execute arbitrary code when a user is tricked into opening a .download file with a specially crafted name.
25) An implementation error exists in the tabbed browsing feature of Safari. If HTTP authentication is used by a site being loaded in a tab other than the active tab, an authentication sheet may be displayed although the tab and its corresponding page are not visible.
26) A person with physical access to a system may be able to bypass the screen saver authentication dialog by sending keystrokes to a process running behind the screen saver authentication dialog.
27) Safari does not block "file://" URLs when loading resources. This can be exploited to view the content of local files by enticing a user to visit a specially crafted web page.
28) An input validation error exists in WebCore when handling HTML forms. This can be exploited to alter the values of form fields by enticing a user to upload a specially crafted file.
29) A race condition error exists in Safari when handling page transitions. This can be exploited to obtain information entered in forms on other web sites by enticing a user to visit a malicious web page.
30) An unspecified error exists in the handling of the browser's history. This can be exploited to execute arbitrary code by enticing a user to visit a specially crafted web page.
31) An error in Safari allows malicious websites to set Javascript window properties of websites served from a different domain. This can be exploited to get or set the window status and location of pages served from other websites by enticing a user to visit a specially crafted web page.
32) An error in Safari allows a malicious website to bypass the same origin policy by hosting embedded objects with javascript URLs. This can be exploited to execute arbitrary HTML and script code in context of another site by enticing a user to visit a specially crafted web page.
33) An error in Safari allows content served over HTTP to alter or access content served over HTTPS in the same domain. This can be exploited to execute Javascript code in context of HTTPS web pages in that domain when a user visits a malicious web page.
34) An error in Safari in the handling of new browser windows can be exploited to disclose the URL of an unrelated page.
For more information see vulnerability #2 in: SA23893
35) An error in WebKit may allow unauthorised applications to access private keys added to the keychain by Safari.
36) An unspecified error in Safari may allow a malicious website to send remotely specified data to arbitrary TCP ports.
37) WebKit/Safari creates temporary files insecurely when previewing a PDF file, which may allow a local user to access the file's content. 5) The vendor credits Dr Bob Lopez PhD. 6) The vendor credits Marko Karppinen, Petteri Kamppuri, and Nikita Zhuk of MK&C. 9) Will Dormann, CERT/CC 11) An anonymous person, reported via iDefense Labs. 12) The vendor credits Johan Henselmans and Jesper Skov. 13) The vendor credits RISE Security. 14) The vendor credits Ilja van Sprundel. 15) The vendor credits Tobias Klein, www.trapkit.de 16) The vendor credits James P. Javery, Stratus Data Systems 17) The vendor credits Arnaud Ebalard, EADS Innovation Works. 18, 21) Sean Larsson, iDefense Labs 19) The vendor credits Bhavesh Davda of VMware and Brian "chort" Keefer of Tumbleweed Communications. 20) An anonymous person, reported via iDefense Labs. 22) The vendor credits Alan Newson of NGSSoftware, and Renaud Deraison of Tenable Network Security, Inc. 25) The vendor credits Michael Roitzsch, Technical University Dresden. 26) The vendor credits Faisal N. Jawdat 27) The vendor credits lixlpixel. 28) The vendor credits Bodo Ruskamp, Itchigo Communications GmbH. 29) The vendor credits Ryan Grisso, NetSuite. 30) The vendor credits David Bloom. 31, 32) The vendor credits Michal Zalewski, Google Inc. 33) The vendor credits Keigo Yamazaki of LAC Co. 36) The vendor credits Kostas G. Anagnostakis, Institute for Infocomm Research and Spiros Antonatos, FORTH-ICS 37) The vendor credits Jean-Luc Giraud, and Moritz Borgmann of ETH Zurich.
ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=307041
US-CERT VU#498105: http://www.kb.cert.org/vuls/id/498105
iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=630 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=629 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=627 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=628
OTHER REFERENCES: SA15447: http://secunia.com/advisories/15447/
SA23893: http://secunia.com/advisories/23893/
SA26027: http://secunia.com/advisories/26027/
SA26152: http://secunia.com/advisories/26152/
SA26676: http://secunia.com/advisories/26676/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
I. Further details are available in the related vulnerability notes.
II. Impact
The impacts of these vulnerabilities vary. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.
III. This and other updates are available via Apple Update or via Apple Downloads.
IV. Please send email to cert@cert.org with "TA07-319A Feedback VU#498105" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
November 15, 2007: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRzx7ZvRFkHkM87XOAQJfIQgAmTZfjJAY/QTweUmvZtOJ9JQ4e/Gj0sE9 OPSrK/SplP92WUL1Ucb8I/VUSQEXXJhNv9dTCMcy7IMpqhx4UxPA6fBKWDJ+nUFi sx/60EOAiIVW+yYK79VdoI1jrSs48E+CNdqEJCQcjUCVi29eGAdW63H2jOZV37/F 4iQBZYRqhiycZ9FS+S+9aRfMhfy8dEOr1UwIElq6X/tSwss1EKFSNrK5ktGifUtB AJ+LJVBt2yZOIApcGhsxC3LYUDrDfhqGLIVM2XBc1yuV7Y2gaH4g9Txe+fWK79X2 LYHvhv2xtgLweR12YC+0hT60wSdrDTM6ZW0//ny25LZ7Y7D46ogSWQ== =AgEr -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0397",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cfnetwork",
"scope": "eq",
"trust": 1.0,
"vendor": "cfnetwork",
"version": "129.19"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4 to v10.4.10 version"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4 to v10.4.10 version"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "cfnetwork",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "129.19"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498105"
},
{
"db": "BID",
"id": "22249"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cfnetwork:cfnetwork:129.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0464"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LMH lmh@info-pull.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0464",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-0464",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-23826",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-0464",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#498105",
"trust": 0.8,
"value": "7.76"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-544",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-23826",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498105"
},
{
"db": "VULHUB",
"id": "VHN-23826"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference. Apple CFNetwork Framework is prone to a denial-of-service vulnerability. \nAttackers may exploit this issue by issuing a maliciously designed HTTP response to a client application that uses the vulnerable CFNetwork API. \nSuccessful exploits will result in denial-of-service conditions within client applications. \nCFNetwork 129.19 on Mac OS X 10.4.8 is vulnerable to this issue. Remote attackers may use this vulnerability to cause the client to crash. CFNetwork is a Core Services framework that provides the function libraries needed to decompress network protocols. This vulnerability can be triggered if the server sends a specially crafted response to a client using this API, resulting in a denial of service condition. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Mac OS X Security Update Fixes Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA27643\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27643/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting, Spoofing, Exposure of\nsensitive information, Privilege escalation, DoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) Multiple errors within the Adobe Flash Player plug-in can be\nexploited by malicious people to gain knowledge of sensitive\ninformation or compromise a user\u0027s system. \n\nFor more information:\nSA26027\n\n2) A null-pointer dereference error exists within AppleRAID when\nhandling disk images. This can be exploited to cause a system\nshutdown when a specially crafted disk image is mounted e.g. \nautomatically via Safari if the option \"Open \u0027safe\u0027 files after\ndownloading\" is enabled. \n\n3) An error in BIND can be exploited by malicious people to poison\nthe DNS cache. \n\nFor more information:\nSA26152\n\n4) An error in bzip2 can be exploited to cause a DoS (Denial of\nService). \n\nFor more information:\nSA15447\n\nThis also fixes a race condition when setting file permissions. \n\n5) An unspecified error in the implementation of FTP of CFNetwork can\nbe exploited by a malicious FTP server to cause the client to connect\nto other hosts by sending specially crafted replies to FTP PASV\n(passive) commands. \n\n6) An unspecified error exists in the validation of certificates\nwithin CFNetwork. This can be exploited via a Man-in-the-Middle\n(MitM) attack to spoof a web site with a trusted certificate. \n\n7) A null pointer dereference error in the CFNetwork framework can\nlead to an unexpected application termination when a vulnerable\napplication connects to a malicious server. \n\n8) A boundary error in CoreFoundation can be exploited to cause a\none-byte buffer overflow when a user is enticed to read a specially\ncrafted directory hierarchy. \n\nSuccessful exploitation allows execution of arbitrary code. \n\n9) An error exists in CoreText due to the use of an uninitialised\npointer and can be exploited to execute arbitrary code when a user is\ntricked into reading a specially crafted text. \n\n10) Some vulnerabilities in Kerberos can be exploited by malicious\nusers and malicious people to compromise a vulnerable system. \n\nFor more information:\nSA26676\n\n11) An error in the handling of the current Mach thread port or\nthread exception port in the Kernel can be exploited by a malicious,\nlocal user to execute arbitrary code with root privileges. \n\nSuccessful exploitation requires permission to execute a setuid\nbinary. \n\n12) An unspecified error in the Kernel can be exploited to bypass\nthe chroot mechanism by changing the working directory using a\nrelative path. \n\n13) An integer overflow error in the \"i386_set_ldt\" system call can\nbe exploited by malicious, local users to execute arbitrary code with\nescalated privileges. \n\n14) An error exists in the handling of standard file descriptors\nwhile executing setuid and setgid programs. This can be exploited by\nmalicious, local users to gain system privileges by executing setuid\nprograms with the standard file descriptors in an unexpected state. \n\n15) An integer overflow exists in the Kernel when handling ioctl\nrequests. This can be exploited to execute arbitrary code with system\nprivileges by sending a specially crafted ioctl request. \n\n16) The default configuration of tftpd allows clients to access any\npath on the system. \n\n17) An error in the Node Information Query mechanism may allow a\nremote user to query for all addresses of a host, including\nlink-local addresses. \n\n18) An integer overflow exists in the handling of ASP messages with\nAppleTalk. This can be exploited by malicious, local users to cause a\nheap-based buffer overflow and to execute arbitrary code with system\nprivileges by sending a maliciously crafted ASP message on an\nAppleTalk socket. \n\n19) A double-free error in the handling of certain IPV6 packets can\npotentially be exploited to execute arbitrary code with system\nprivileges. \n\n20) A boundary error exists when adding a new AppleTalk zone. This\ncan be exploited to cause a stack-based buffer overflow by sending a\nmaliciously crafted ioctl request to an AppleTalk socket and allows\nexecution of arbitrary code with system privileges. \n\n21) An arithmetic error exists in AppleTalk when handling memory\nallocations. This can be exploited by malicious, local users to cause\na heap-based buffer overflow and execute arbitrary code with system\nprivileges by sending a maliciously crafted AppleTalk message. \n\n22) A double free error in NFS exists when processing an AUTH_UNIX\nRPC call. This can be exploited by malicious people to execute\narbitrary code by sending a maliciously crafted AUTH_UNIX RPC call\nvia TCP or UDP. \n\n23) An unspecified case-sensitivity error exists in NSURL when\ndetermining if a URL references the local file system. \n\n24) A format string error in Safari can be exploited by malicious\npeople to execute arbitrary code when a user is tricked into opening\na .download file with a specially crafted name. \n\n25) An implementation error exists in the tabbed browsing feature of\nSafari. If HTTP authentication is used by a site being loaded in a\ntab other than the active tab, an authentication sheet may be\ndisplayed although the tab and its corresponding page are not\nvisible. \n\n26) A person with physical access to a system may be able to bypass\nthe screen saver authentication dialog by sending keystrokes to a\nprocess running behind the screen saver authentication dialog. \n\n27) Safari does not block \"file://\" URLs when loading resources. This\ncan be exploited to view the content of local files by enticing a user\nto visit a specially crafted web page. \n\n28) An input validation error exists in WebCore when handling HTML\nforms. This can be exploited to alter the values of form fields by\nenticing a user to upload a specially crafted file. \n\n29) A race condition error exists in Safari when handling page\ntransitions. This can be exploited to obtain information entered in\nforms on other web sites by enticing a user to visit a malicious web\npage. \n\n30) An unspecified error exists in the handling of the browser\u0027s\nhistory. This can be exploited to execute arbitrary code by enticing\na user to visit a specially crafted web page. \n\n31) An error in Safari allows malicious websites to set Javascript\nwindow properties of websites served from a different domain. This\ncan be exploited to get or set the window status and location of\npages served from other websites by enticing a user to visit a\nspecially crafted web page. \n\n32) An error in Safari allows a malicious website to bypass the same\norigin policy by hosting embedded objects with javascript URLs. This\ncan be exploited to execute arbitrary HTML and script code in context\nof another site by enticing a user to visit a specially crafted web\npage. \n\n33) An error in Safari allows content served over HTTP to alter or\naccess content served over HTTPS in the same domain. This can be\nexploited to execute Javascript code in context of HTTPS web pages in\nthat domain when a user visits a malicious web page. \n\n34) An error in Safari in the handling of new browser windows can be\nexploited to disclose the URL of an unrelated page. \n\nFor more information see vulnerability #2 in:\nSA23893\n\n35) An error in WebKit may allow unauthorised applications to access\nprivate keys added to the keychain by Safari. \n\n36) An unspecified error in Safari may allow a malicious website to\nsend remotely specified data to arbitrary TCP ports. \n\n37) WebKit/Safari creates temporary files insecurely when previewing\na PDF file, which may allow a local user to access the file\u0027s\ncontent. \n5) The vendor credits Dr Bob Lopez PhD. \n6) The vendor credits Marko Karppinen, Petteri Kamppuri, and Nikita\nZhuk of MK\u0026C. \n9) Will Dormann, CERT/CC\n11) An anonymous person, reported via iDefense Labs. \n12) The vendor credits Johan Henselmans and Jesper Skov. \n13) The vendor credits RISE Security. \n14) The vendor credits Ilja van Sprundel. \n15) The vendor credits Tobias Klein, www.trapkit.de\n16) The vendor credits James P. Javery, Stratus Data Systems\n17) The vendor credits Arnaud Ebalard, EADS Innovation Works. \n18, 21) Sean Larsson, iDefense Labs\n19) The vendor credits Bhavesh Davda of VMware and Brian \"chort\"\nKeefer of Tumbleweed Communications. \n20) An anonymous person, reported via iDefense Labs. \n22) The vendor credits Alan Newson of NGSSoftware, and Renaud\nDeraison of Tenable Network Security, Inc. \n25) The vendor credits Michael Roitzsch, Technical University\nDresden. \n26) The vendor credits Faisal N. Jawdat\n27) The vendor credits lixlpixel. \n28) The vendor credits Bodo Ruskamp, Itchigo Communications GmbH. \n29) The vendor credits Ryan Grisso, NetSuite. \n30) The vendor credits David Bloom. \n31, 32) The vendor credits Michal Zalewski, Google Inc. \n33) The vendor credits Keigo Yamazaki of LAC Co. \n36) The vendor credits Kostas G. Anagnostakis, Institute for Infocomm\nResearch and Spiros Antonatos, FORTH-ICS\n37) The vendor credits Jean-Luc Giraud, and Moritz Borgmann of ETH\nZurich. \n\nORIGINAL ADVISORY:\nApple:\nhttp://docs.info.apple.com/article.html?artnum=307041\n\nUS-CERT VU#498105:\nhttp://www.kb.cert.org/vuls/id/498105\n\niDefense Labs:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=630\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=629\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=627\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=628\n\nOTHER REFERENCES:\nSA15447:\nhttp://secunia.com/advisories/15447/\n\nSA23893:\nhttp://secunia.com/advisories/23893/\n\nSA26027:\nhttp://secunia.com/advisories/26027/\n\nSA26152:\nhttp://secunia.com/advisories/26152/\n\nSA26676:\nhttp://secunia.com/advisories/26676/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n\nI. Further\n details are available in the related vulnerability notes. \n\n\nII. Impact\n\n The impacts of these vulnerabilities vary. Potential consequences\n include remote execution of arbitrary code or commands, bypass of\n security restrictions, and denial of service. \n\n\nIII. This and\n other updates are available via Apple Update or via Apple Downloads. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA07-319A Feedback VU#498105\" in the\n subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2007 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\n\nRevision History\n\n November 15, 2007: Initial release\n\n\n\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRzx7ZvRFkHkM87XOAQJfIQgAmTZfjJAY/QTweUmvZtOJ9JQ4e/Gj0sE9\nOPSrK/SplP92WUL1Ucb8I/VUSQEXXJhNv9dTCMcy7IMpqhx4UxPA6fBKWDJ+nUFi\nsx/60EOAiIVW+yYK79VdoI1jrSs48E+CNdqEJCQcjUCVi29eGAdW63H2jOZV37/F\n4iQBZYRqhiycZ9FS+S+9aRfMhfy8dEOr1UwIElq6X/tSwss1EKFSNrK5ktGifUtB\nAJ+LJVBt2yZOIApcGhsxC3LYUDrDfhqGLIVM2XBc1yuV7Y2gaH4g9Txe+fWK79X2\nLYHvhv2xtgLweR12YC+0hT60wSdrDTM6ZW0//ny25LZ7Y7D46ogSWQ==\n=AgEr\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"db": "CERT/CC",
"id": "VU#498105"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"db": "BID",
"id": "22249"
},
{
"db": "VULHUB",
"id": "VHN-23826"
},
{
"db": "PACKETSTORM",
"id": "60958"
},
{
"db": "PACKETSTORM",
"id": "60987"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23826",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23826"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "27643",
"trust": 3.5
},
{
"db": "BID",
"id": "22249",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2007-0464",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA07-319A",
"trust": 2.6
},
{
"db": "BID",
"id": "26444",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "32704",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "3200",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3868",
"trust": 1.7
},
{
"db": "XF",
"id": "31837",
"trust": 1.4
},
{
"db": "CERT/CC",
"id": "VU#498105",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA07-319A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-544",
"trust": 0.7
},
{
"db": "MILW0RM",
"id": "3200",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2007-11-14",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA07-319A",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "54030",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54031",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60987",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498105"
},
{
"db": "VULHUB",
"id": "VHN-23826"
},
{
"db": "BID",
"id": "22249"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"db": "PACKETSTORM",
"id": "60958"
},
{
"db": "PACKETSTORM",
"id": "60987"
},
{
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
]
},
"id": "VAR-200701-0397",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23826"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:52:06.933000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2007-008",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307041-en"
},
{
"title": "Security Update 2007-008",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307041-ja"
},
{
"title": "TA07-319A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta07-319a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23826"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"db": "NVD",
"id": "CVE-2007-0464"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/22249"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/26444"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-319a.html"
},
{
"trust": 2.5,
"url": "http://www.osvdb.org/32704"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/27643"
},
{
"trust": 2.0,
"url": "http://projects.info-pull.com/moab/moab-25-01-2007.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2007/nov/msg00002.html"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/3868"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/31837"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/3200"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31837"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/27643/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0464"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta07-319a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta07-319a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0464"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa07-319a.html"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/3200"
},
{
"trust": 0.3,
"url": "http://developer.apple.com/documentation/networking/conceptual/cfnetwork/introduction/chapter_1_section_1.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26027/"
},
{
"trust": 0.1,
"url": "https://www.trapkit.de"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/23893/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/macosx10411comboupdateppc.html"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/macosxserver10411comboupdateppc.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/macosxserver10411updateppc.html"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=629"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/macosx10411comboupdateintel.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26676/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/macosx10411updateintel.html"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=628"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/macosxserver10411comboupdateuniversal.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/15447/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=630"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/498105"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/macosx10411updateppc.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate20070081039server.html"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=627"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26152/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate20070081039client.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://www.isc.org/sw/bind/\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/products/flashplayer/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-319a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=apple_2007_008\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=307041\u003e"
},
{
"trust": 0.1,
"url": "http://www.bzip.org/\u003e"
},
{
"trust": 0.1,
"url": "http://web.mit.edu/kerberos/\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#498105"
},
{
"db": "VULHUB",
"id": "VHN-23826"
},
{
"db": "BID",
"id": "22249"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"db": "PACKETSTORM",
"id": "60958"
},
{
"db": "PACKETSTORM",
"id": "60987"
},
{
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#498105"
},
{
"db": "VULHUB",
"id": "VHN-23826"
},
{
"db": "BID",
"id": "22249"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"db": "PACKETSTORM",
"id": "60958"
},
{
"db": "PACKETSTORM",
"id": "60987"
},
{
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-14T00:00:00",
"db": "CERT/CC",
"id": "VU#498105"
},
{
"date": "2007-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-23826"
},
{
"date": "2007-01-25T00:00:00",
"db": "BID",
"id": "22249"
},
{
"date": "2007-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"date": "2007-11-16T07:06:08",
"db": "PACKETSTORM",
"id": "60958"
},
{
"date": "2007-11-16T07:24:07",
"db": "PACKETSTORM",
"id": "60987"
},
{
"date": "2007-01-30T17:28:00",
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"date": "2007-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#498105"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-23826"
},
{
"date": "2007-11-15T00:40:00",
"db": "BID",
"id": "22249"
},
{
"date": "2007-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000952"
},
{
"date": "2017-10-11T01:31:37.173000",
"db": "NVD",
"id": "CVE-2007-0464"
},
{
"date": "2007-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "60987"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X CoreText uninitialized pointer vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#498105"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-544"
}
],
"trust": 0.6
}
}
VAR-201107-0092
Vulnerability from variot - Updated: 2023-12-18 11:37CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority. Apple Safari is prone to a security-bypass vulnerability. An attacker can exploit this issue to accept forged root certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. NOTE: This issue was previously discussed in 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. CFNetwork is a low-level, high-performance framework, an extension of BSD sockets (sockets), which enables users to flexibly manipulate the protocol stack, and provides standardized abstract APIs to simplify FTP HTTP server interaction tasks, resolve DNS host resolution, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
Safari 5.1 and Safari 5.0.6 are now available and address the following:
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content. CVE-ID CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0214 : An anonymous reporter
ColorSync Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative
CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0201 : Harry Sintonen
CoreGraphics Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team
International Components for Unicode Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
libxslt Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0195 : Chris Evans of the Google Chrome Security Team
libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team
Safari Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book Description: Safari's "AutoFill web forms" feature filled in non- visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman]
Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process. CVE-ID CVE-2011-0219 : Joshua Smith of Kaon Interactive
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd CVE-2011-0164 : Apple CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0237 : wushi of team509 working with iDefense VCP CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0240 : wushi of team509 working with iDefense VCP CVE-2011-0253 : Richard Keen CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross- site scripting attack. CVE-ID CVE-2011-1295 : Sergey Glazunov
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-1107 : Jordi Chancel
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs. CVE-ID CVE-2011-0244 : Jason Hullinger
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.
Note: Safari 5.1 is included with OS X Lion.
Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems.
Safari 5.1 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/
Safari 5.0.6 is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Safari for Mac OS X v10.6.8 and later The download file is named: Safari5.1SnowLeopard.dmg Its SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24
Safari for Mac OS X v10.5.8 The download file is named: Safari5.0.6Leopard.dmg Its SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f
Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b
Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw up9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD MeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY nKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb vesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/ KD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ= =fOfF -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way.
Read more and request a free trial: http://secunia.com/products/corporate/vim/
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45325
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45325/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
RELEASE DATE: 2011-07-22
DISCUSS ADVISORY: http://secunia.com/advisories/45325/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45325/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system.
1) An error within CFNetwork when handling the "text/plain" content type can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
4) An integer overflow error exists within the ColorSync component.
For more information see vulnerability #5 in: SA45054
5) An off-by-one error exists within the CoreFoundation framework.
For more information see vulnerability #6 in: SA45054
6) An integer overflow error exists in CoreGraphics.
For more information see vulnerability #7 in: SA45054
7) An error exists within ICU (International Components for Unicode).
For more information see vulnerability #11 in: SA45054
8) An error exists in ImageIO within the handling of TIFF files when handling certain uppercase strings.
For more information see vulnerability #9 in: SA45054
9) An error in ImageIO within the handling of CCITT Group 4 encoded TIFF image files can be exploited to cause a heap-based buffer overflow.
10) A use-after-free error within WebKit when handling TIFF images can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
11) An error within libxslt can be exploited to disclose certain addresses from the heap.
For more information see vulnerability #2 in: SA43832
12) An off-by-one error within libxml when handling certain XML data can be exploited to cause a heap-based buffer overflow.
13) An error in the "AutoFill web forms" feature can be exploited to disclose certain information from the user's Address Book by tricking a user into visiting a specially crafted web page.
15) Multiple unspecified errors in the WebKit component can be exploited to corrupt memory.
16) An error within WebKit when handling libxslt configurations can be exploited to create arbitrary files.
18) A cross-origin error when handling certain URLs containing a username can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
19) A cross-origin error when handling DOM nodes can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
20) An error within the handling of DOM history objects can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
22) A weakness in WebKit can lead to remote DNS prefetching
For more information see vulnerability #6 in: SA42312
23) A use-after-free error within WebKit when processing MathML markup tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
24) An error within WebKit when parsing a frameset element can be exploited to cause a heap-based buffer overflow.
25) A use-after-free error within WebKit when handling XHTML tags can result in an invalid tag pointer being dereferenced when a user views a specially crafted web page.
26) A use-after-free error within WebKit when handling SVG tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
The weakness and the vulnerabilities are reported in versions prior to 5.1 and 5.0.6.
SOLUTION: Update to version 5.1 or 5.0.6.
PROVIDED AND/OR DISCOVERED BY: 10) Juan Pablo Lopez Yacubian via iDefense 4) binaryproof via ZDI 8) Dominic Chell, NGS Secure 23, 25, 26) wushi, team509 via iDefense 24) Jose A.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0092",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.4b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "cfnetwork",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
}
],
"sources": [
{
"db": "BID",
"id": "48837"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0214"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "BID",
"id": "48837"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0214",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-0214",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-48159",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-0214",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201107-335",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48159",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48159"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority. Apple Safari is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to accept forged root certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. \nNOTE: This issue was previously discussed in 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. CFNetwork is a low-level, high-performance framework, an extension of BSD sockets (sockets), which enables users to flexibly manipulate the protocol stack, and provides standardized abstract APIs to simplify FTP HTTP server interaction tasks, resolve DNS host resolution, etc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6\n\nSafari 5.1 and Safari 5.0.6 are now available and address the\nfollowing:\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: In certain situations, Safari may treat a file as HTML,\neven if it is served with the \u0027text/plain\u0027 content type. This may\nlead to a cross-site scripting attack on sites that allow untrusted\nusers to post text files. This issue is addressed through improved\nhandling of \u0027text/plain\u0027 content. \nCVE-ID\nCVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability\nResearch (MSVR), Neal Poole of Matasano Security\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Authenticating to a maliciously crafted website may lead to\narbitrary code execution\nDescription: The NTLM authentication protocol is susceptible to a\nreplay attack referred to as credential reflection. Authenticating to\na maliciously crafted website may lead to arbitrary code execution. \nTo mitigate this issue, Safari has been updated to utilize protection\nmechanisms recently added to Windows. This issue does not affect Mac\nOS X systems. This issue is addressed\nthrough improved certificate validation. This issue does not affect\nMac OS X systems. \nCVE-ID\nCVE-2011-0214 : An anonymous reporter\n\nColorSync\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution\nDescription: An integer overflow existed in the handling of images\nwith an embedded ColorSync profile, which may lead to a heap buffer\noverflow. Opening a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.5 systems, this issue\nis addressed in Security Update 2011-004. \nCVE-ID\nCVE-2011-0200 : binaryproof working with TippingPoint\u0027s Zero Day\nInitiative\n\nCoreFoundation\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use the CoreFoundation framework may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An off-by-one buffer overflow issue existed in the\nhandling of CFStrings. Applications that use the CoreFoundation\nframework may be vulnerable to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.6 systems, this issue\nis addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0201 : Harry Sintonen\n\nCoreGraphics\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow issue existed in the handling of\nType 1 fonts. Viewing or downloading a document containing a\nmaliciously crafted embedded font may lead to arbitrary code\nexecution. For Mac OS X v10.6 systems, this issue is addressed in Mac\nOS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in\nSecurity Update 2011-004. \nCVE-ID\nCVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert\nof the Google Security Team\n\nInternational Components for Unicode\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription: A buffer overflow issue existed in ICU\u0027s handling of\nuppercase strings. Applications that use ICU may be vulnerable to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nCCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF\nimage may lead to an unexpected application termination or arbitrary\ncode execution. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A reentrancy issue existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. This\nissue does not affect Mac OS X systems. \nCVE-ID\nCVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nlibxslt\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of addresses on the heap\nDescription: libxslt\u0027s implementation of the generate-id() XPath\nfunction disclosed the address of a heap buffer. Visiting a\nmaliciously crafted website may lead to the disclosure of addresses\non the heap. This issue is addressed by generating an ID based on the\ndifference between the addresses of two heap buffers. For Mac OS X\nv10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac\nOS X v10.5 systems, this issue is addressed in Security Update\n2011-004. \nCVE-ID\nCVE-2011-0195 : Chris Evans of the Google Chrome Security Team\n\nlibxml\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A one-byte heap buffer overflow existed in libxml\u0027s\nhandling of XML data. Visiting a maliciously crafted website may lead\nto an unexpected application termination or arbitrary code execution. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nSafari\nAvailable for: Mac OS X v10.6.8 or later,\nMac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later\nImpact: If the \"AutoFill web forms\" feature is enabled, visiting a\nmaliciously crafted website and typing may lead to the disclosure of\ninformation from the user\u0027s Address Book\nDescription: Safari\u0027s \"AutoFill web forms\" feature filled in non-\nvisible form fields, and the information was accessible by scripts on\nthe site before the user submitted the form. This issue is addressed\nby displaying all fields that will be filled, and requiring the\nuser\u0027s consent before AutoFill information is available to the form. \nCVE-ID\nCVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah\nGrossman]\n\nSafari\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: With a certain Java configuration, visiting a malicious\nwebsite may lead to unexpected text being displayed on other sites\nDescription: A cross origin issue existed in the handling of Java\nApplets. This applies when Java is enabled in Safari, and Java is\nconfigured to run within the browser process. Fonts loaded by a Java\napplet could affect the display of text content from other sites. \nThis issue is addressed by running Java applets in a separate\nprocess. \nCVE-ID\nCVE-2011-0219 : Joshua Smith of Kaon Interactive\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nVisiting a maliciously crafted website may lead to an unexpected\napplication termination or arbitrary code execution. \nCVE-ID\nCVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability\nResearch (MSVR), wushi of team509, and Yong Li of Research In Motion\nLtd\nCVE-2011-0164 : Apple\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with\niDefense VCP\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with iDefense VCP\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0237 : wushi of team509 working with iDefense VCP\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0240 : wushi of team509 working with iDefense VCP\nCVE-2011-0253 : Richard Keen\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski, wushi of team 509 working with\niDefense VCP\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A configuration issue existed in WebKit\u0027s use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription: A cross-origin issue existed in the handling of Web\nWorkers. Visiting a maliciously crafted website may lead to an\ninformation disclosure. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of URLs\nwith an embedded username. Visiting a maliciously crafted website may\nlead to a cross-site scripting attack. This issue is addressed\nthrough improved handling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of DOM\nnodes. Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription: A URL spoofing issue existed in the handling of the DOM\nhistory object. A maliciously crafted website may have been able to\ncause a different URL to be shown in the address bar. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Subscribing to a maliciously crafted RSS feed and clicking\non a link within it may lead to an information disclosure\nDescription: A canonicalization issue existed in the handling of\nURLs. Subscribing to a maliciously crafted RSS feed and clicking on a\nlink within it may lead to arbitrary files being sent from the user\u0027s\nsystem to a remote server. This update addresses the issue through\nimproved handling of URLs. \nCVE-ID\nCVE-2011-0244 : Jason Hullinger\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Applications that use WebKit, such as mail clients, may\nconnect to an arbitrary DNS server upon processing HTML content\nDescription: DNS prefetching was enabled by default in WebKit. \nApplications that use WebKit, such a s mail clients, may connect to\nan arbitrary DNS server upon processing HTML content. This update\naddresses the issue by requiring applications to opt in to DNS\nprefetching. \nCVE-ID\nCVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. \n\n\nNote: Safari 5.1 is included with OS X Lion. \n\n\nSafari 5.1 and Safari 5.0.6 address the same set of security\nissues. Safari 5.1 is provided for Mac OS X v10.6,\nand Windows systems. Safari 5.0.6 is provided for\nMac OS X v10.5 systems. \n\nSafari 5.1 is available via the Apple Software Update\napplication, or Apple\u0027s Safari download site at:\nhttp://www.apple.com/safari/download/\n\nSafari 5.0.6 is available via the Apple Software Update\napplication, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nSafari for Mac OS X v10.6.8 and later\nThe download file is named: Safari5.1SnowLeopard.dmg\nIts SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24\n\nSafari for Mac OS X v10.5.8\nThe download file is named: Safari5.0.6Leopard.dmg\nIts SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f\n\nSafari for Windows 7, Vista or XP\nThe download file is named: SafariSetup.exe\nIts SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36\n\nSafari for Windows 7, Vista or XP from the Microsoft Choice Screen\nThe download file is named: Safari_Setup.exe\nIts SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b\n\nSafari+QuickTime for Windows 7, Vista or XP\nThe file is named: SafariQuickTimeSetup.exe\nIts SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw\nup9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD\nMeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY\nnKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb\nvesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/\nKD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ=\n=fOfF\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nThe Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. \n\nRead more and request a free trial:\nhttp://secunia.com/products/corporate/vim/\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Safari Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45325\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45325/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325\n\nRELEASE DATE:\n2011-07-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45325/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45325/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and multiple vulnerabilities have been reported in Apple\nSafari, which can be exploited by malicious people to disclose\nsensitive information, manipulate certain data, conduct cross-site\nscripting and spoofing attacks, bypass certain security restrictions,\nand compromise a user\u0027s system. \n\n1) An error within CFNetwork when handling the \"text/plain\" content\ntype can be exploited to execute arbitrary HTML and script code in a\nuser\u0027s browser session in context of an affected site. \n\n4) An integer overflow error exists within the ColorSync component. \n\nFor more information see vulnerability #5 in:\nSA45054\n\n5) An off-by-one error exists within the CoreFoundation framework. \n\nFor more information see vulnerability #6 in:\nSA45054\n\n6) An integer overflow error exists in CoreGraphics. \n\nFor more information see vulnerability #7 in:\nSA45054\n\n7) An error exists within ICU (International Components for\nUnicode). \n\nFor more information see vulnerability #11 in:\nSA45054\n\n8) An error exists in ImageIO within the handling of TIFF files when\nhandling certain uppercase strings. \n\nFor more information see vulnerability #9 in:\nSA45054\n\n9) An error in ImageIO within the handling of CCITT Group 4 encoded\nTIFF image files can be exploited to cause a heap-based buffer\noverflow. \n\n10) A use-after-free error within WebKit when handling TIFF images\ncan result in an invalid pointer being dereferenced when a user views\na specially crafted web page. \n\n11) An error within libxslt can be exploited to disclose certain\naddresses from the heap. \n\nFor more information see vulnerability #2 in:\nSA43832\n\n12) An off-by-one error within libxml when handling certain XML data\ncan be exploited to cause a heap-based buffer overflow. \n\n13) An error in the \"AutoFill web forms\" feature can be exploited to\ndisclose certain information from the user\u0027s Address Book by tricking\na user into visiting a specially crafted web page. \n\n15) Multiple unspecified errors in the WebKit component can be\nexploited to corrupt memory. \n\n16) An error within WebKit when handling libxslt configurations can\nbe exploited to create arbitrary files. \n\n18) A cross-origin error when handling certain URLs containing a\nusername can be exploited to execute arbitrary HTML and script code\nin a user\u0027s browser session in the context of an affected site. \n\n19) A cross-origin error when handling DOM nodes can be exploited to\nexecute arbitrary HTML and script code in a user\u0027s browser session in\nthe context of an affected site. \n\n20) An error within the handling of DOM history objects can be\nexploited to display arbitrary content while showing the URL of a\ntrusted web site in the address bar. \n\n22) A weakness in WebKit can lead to remote DNS prefetching\n\nFor more information see vulnerability #6 in:\nSA42312\n\n23) A use-after-free error within WebKit when processing MathML\nmarkup tags can result in an invalid pointer being dereferenced when\na user views a specially crafted web page. \n\n24) An error within WebKit when parsing a frameset element can be\nexploited to cause a heap-based buffer overflow. \n\n25) A use-after-free error within WebKit when handling XHTML tags can\nresult in an invalid tag pointer being dereferenced when a user views\na specially crafted web page. \n\n26) A use-after-free error within WebKit when handling SVG tags can\nresult in an invalid pointer being dereferenced when a user views a\nspecially crafted web page. \n\nThe weakness and the vulnerabilities are reported in versions prior\nto 5.1 and 5.0.6. \n\nSOLUTION:\nUpdate to version 5.1 or 5.0.6. \n\nPROVIDED AND/OR DISCOVERED BY:\n10) Juan Pablo Lopez Yacubian via iDefense\n4) binaryproof via ZDI\n8) Dominic Chell, NGS Secure\n23, 25, 26) wushi, team509 via iDefense\n24) Jose A. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"db": "BID",
"id": "48837"
},
{
"db": "VULHUB",
"id": "VHN-48159"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0214",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "45325",
"trust": 1.6
},
{
"db": "BID",
"id": "48837",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1025816",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "73991",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201107-335",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2011-07-20-1",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-48159",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103216",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103250",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48159"
},
{
"db": "BID",
"id": "48837"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
]
},
"id": "VAR-201107-0092",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48159"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:37:04.663000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4808",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4808"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48159"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"db": "NVD",
"id": "CVE-2011-0214"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4808"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2011//jul/msg00002.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45325"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0214"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu781747/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0214"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/73991"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/48837"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id/1025816"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0240"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0223"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0202"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0215"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0217"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3829"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1823"
},
{
"trust": 0.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45325/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=931"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=933"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=934"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-228/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45325/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=930"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=932"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48159"
},
{
"db": "BID",
"id": "48837"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48159"
},
{
"db": "BID",
"id": "48837"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-48159"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48837"
},
{
"date": "2011-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"date": "2011-07-21T14:16:35",
"db": "PACKETSTORM",
"id": "103216"
},
{
"date": "2011-07-21T06:58:31",
"db": "PACKETSTORM",
"id": "103250"
},
{
"date": "2011-07-21T23:55:01.723000",
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-48159"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48837"
},
{
"date": "2011-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002039"
},
{
"date": "2011-07-22T04:00:00",
"db": "NVD",
"id": "CVE-2011-0214"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Run on Apple Safari of CFNetwork In SSL Vulnerabilities that circumvent the restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002039"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-335"
}
],
"trust": 0.6
}
}
VAR-200708-0461
Vulnerability from variot - Updated: 2023-12-18 11:29CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including CFNetwork, CoreAudio, iChat, mDNSResponder, PDFKit, Quartz Composer, Samba, and WebCore. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and potentially compromise vulnerable computers. Apple Mac OS X 10.4.10 and prior versions are vulnerable to these issues.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
Download the free PSI BETA from the Secunia website: https://psi.secunia.com/
TITLE: Mac OS X Security Update Fixes Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA26235
VERIFY ADVISORY: http://secunia.com/advisories/26235/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
2) An input validation error can cause applications using CFNetwork to become vulnerable to HTTP response splitting attacks.
3) A design error exists in the Java interface to CoreAudio, which can be exploited to free arbitrary memory, when a user is enticed to visit a web site containing a specially crafted Java applet.
4) An unspecified error exists in the Java interface to CoreAudio, which can be exploited to read or write out of bounds of the allocated heap by enticing a user to visit a web site containing a specially crafted Java applet.
5) A unspecified error exists in the Java interface to CoreAudio, which can be exploited to instantiate or manipulate objects outside the bounds of the allocated heap, when a user is enticed to visit a web site containing a specially crafted Java applet.
Successful exploitation of vulnerabilities #3 to #5 may allow arbitrary code execution.
For more information: SA13237
7) A boundary error within the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code in iChat can be exploited on the local network to crash the application or to execute arbitrary code, by sending a specially crafted packet.
8) Some vulnerabilities in Kerberos can be exploited by malicious users and malicious people to compromise a vulnerable system.
For more information: SA25800
9) An error within the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code in mDNSResponder can be exploited on the local network to crash the application or to execute arbitrary code, by sending a specially crafted packet.
10) An integer underflow exists in PDFKit within the handling of PDF files in Preview and may be exploited to execute arbitrary code when a user opens a specially crafted PDF file.
11) Multiple vulnerabilities exist in PHP, which can be exploited to disclose potentially sensitive information, to cause a DoS (Denial of Service), to bypass certain security restrictions, to conduct cross-site scripting attacks, or to compromise a vulnerable system.
For more information: SA24814 SA24356 SA24440 SA24505 SA24542 SA25123
12) An error exists in Quartz Composer due to an uninitialized object pointer when handling Quartz Composer files and may be exploited to execute arbitrary code when a specially crafted Quartz Composer file is viewed.
13) Some vulnerabilities exist in Samba, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA25232
14) An unspecified error in Samba can be exploited to bypass file system quotas.
15) Some vulnerabilities in Squirrelmail can be exploited by malicious people to disclose and manipulate certain sensitive information or to conduct cross-site scripting, cross-site request forgery, and script insertion attacks.
For more information: SA16987 SA20406 SA21354 SA23195 SA25200
16) Some vulnerabilities in Apache Tomcat can be exploited by malicious people to conduct cross-site scripting attacks or to bypass certain security restrictions.
For more information: SA24732 SA25383 SA25721
17) An error in WebCore can be exploited to load Java applets even when Java is disabled in the preferences.
18) An error in WebCore can be exploited to conduct cross-site scripting attacks.
For more information see vulnerability #1 in: SA23893
19) An error in WebCore can be exploited by malicious people to gain knowledge of sensitive information.
For more information see vulnerability #2 in: SA23893
20) An error in WebCore when handling properties of certain global objects can be exploited to conduct cross-site scripting attacks when navigating to a new URL with Safari.
21) An error in WebKit within in the handling of International Domain Name (IDN) support and Unicode fonts embedded in Safari can be exploited to spoof a URL.
This is similar to: SA14164
22) A boundary error in the Perl Compatible Regular Expressions (PCRE) library in WebKit and used by the JavaScript engine in Safari can be exploited to cause a heap-based buffer overflow when a user visits a malicious web page.
23) Input validation errors exists in bzgrep and zgrep.
For more information: SA15047
SOLUTION: Apply Security Update 2007-007.
Security Update 2007-007 (10.4.10 Server Universal): http://www.apple.com/support/downloads/securityupdate200700710410serveruniversal.html
Security Update 2007-007 (10.4.10 Universal): http://www.apple.com/support/downloads/securityupdate200700710410universal.html
Security Update 2007-007 (10.4.10 Server PPC): http://www.apple.com/support/downloads/securityupdate200700710410serverppc.html
Security Update 2007-007 (10.4.10 PPC): http://www.apple.com/support/downloads/securityupdate200700710410ppc.html
Security Update 2007-007 (10.3.9 Server): http://www.apple.com/support/downloads/securityupdate20070071039server.html
Security Update 2007-007 (10.3.9): http://www.apple.com/support/downloads/securityupdate20070071039.html
PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Steven Kramer, sprintteam.nl. 14) The vendor credits Mike Matz, Wyomissing Area School District. 17) The vendor credits Scott Wilde. 19) Secunia Research 22) The vendor credits Charlie Miller and Jake Honoroff of Independent Security Evaluators.
ORIGINAL ADVISORY: http://docs.info.apple.com/article.html?artnum=306172
OTHER REFERENCES: SA13237: http://secunia.com/advisories/13237/
SA15047: http://secunia.com/advisories/15047/
SA16987: http://secunia.com/advisories/16987/
SA20406: http://secunia.com/advisories/20406/
SA21354: http://secunia.com/advisories/21354/
SA22588: http://secunia.com/advisories/22588/
SA23195: http://secunia.com/advisories/23195/
SA23893: http://secunia.com/advisories/23893/
SA24814: http://secunia.com/advisories/24814/
SA24356: http://secunia.com/advisories/24356/
SA24440: http://secunia.com/advisories/24440/
SA24505: http://secunia.com/advisories/24505/
SA24542: http://secunia.com/advisories/24542/
SA24732: http://secunia.com/advisories/24732/
SA25800: http://secunia.com/advisories/25800/
SA25123: http://secunia.com/advisories/25123/
SA25200: http://secunia.com/advisories/25200/
SA25232: http://secunia.com/advisories/25232/
SA25383: http://secunia.com/advisories/25383/
SA25721: http://secunia.com/advisories/25721/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200708-0461",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cfnetwork",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.3.9 and 10.4.10"
},
{
"model": "cfnetwork",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.10"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.4.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
}
],
"sources": [
{
"db": "BID",
"id": "25159"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2403"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2403",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2007-2403",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-25765",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2403",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200708-019",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-25765",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25765"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. Apple Mac OS X is prone to multiple security vulnerabilities. \nThese issues affect Mac OS X and various applications, including CFNetwork, CoreAudio, iChat, mDNSResponder, PDFKit, Quartz Composer, Samba, and WebCore. \nAttackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and potentially compromise vulnerable computers. \nApple Mac OS X 10.4.10 and prior versions are vulnerable to these issues. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nDownload the free PSI BETA from the Secunia website:\nhttps://psi.secunia.com/\n\n----------------------------------------------------------------------\n\nTITLE:\nMac OS X Security Update Fixes Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA26235\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26235/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting, Spoofing, Manipulation of\ndata, Exposure of sensitive information, Privilege escalation, DoS,\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n2) An input validation error can cause applications using CFNetwork\nto become vulnerable to HTTP response splitting attacks. \n\n3) A design error exists in the Java interface to CoreAudio, which\ncan be exploited to free arbitrary memory, when a user is enticed to\nvisit a web site containing a specially crafted Java applet. \n\n4) An unspecified error exists in the Java interface to CoreAudio,\nwhich can be exploited to read or write out of bounds of the\nallocated heap by enticing a user to visit a web site containing a\nspecially crafted Java applet. \n\n5) A unspecified error exists in the Java interface to CoreAudio,\nwhich can be exploited to instantiate or manipulate objects outside\nthe bounds of the allocated heap, when a user is enticed to visit a\nweb site containing a specially crafted Java applet. \n\nSuccessful exploitation of vulnerabilities #3 to #5 may allow\narbitrary code execution. \n\nFor more information:\nSA13237\n\n7) A boundary error within the UPnP IGD (Internet Gateway Device\nStandardized Device Control Protocol) code in iChat can be exploited\non the local network to crash the application or to execute arbitrary\ncode, by sending a specially crafted packet. \n\n8) Some vulnerabilities in Kerberos can be exploited by malicious\nusers and malicious people to compromise a vulnerable system. \n\nFor more information:\nSA25800\n\n9) An error within the UPnP IGD (Internet Gateway Device Standardized\nDevice Control Protocol) code in mDNSResponder can be exploited on the\nlocal network to crash the application or to execute arbitrary code,\nby sending a specially crafted packet. \n\n10) An integer underflow exists in PDFKit within the handling of PDF\nfiles in Preview and may be exploited to execute arbitrary code when\na user opens a specially crafted PDF file. \n\n11) Multiple vulnerabilities exist in PHP, which can be exploited to\ndisclose potentially sensitive information, to cause a DoS (Denial of\nService), to bypass certain security restrictions, to conduct\ncross-site scripting attacks, or to compromise a vulnerable system. \n\nFor more information:\nSA24814\nSA24356\nSA24440\nSA24505\nSA24542\nSA25123\n\n12) An error exists in Quartz Composer due to an uninitialized object\npointer when handling Quartz Composer files and may be exploited to\nexecute arbitrary code when a specially crafted Quartz Composer file\nis viewed. \n\n13) Some vulnerabilities exist in Samba, which can be exploited by\nmalicious people to compromise a vulnerable system. \n\nFor more information:\nSA25232\n\n14) An unspecified error in Samba can be exploited to bypass file\nsystem quotas. \n\n15) Some vulnerabilities in Squirrelmail can be exploited by\nmalicious people to disclose and manipulate certain sensitive\ninformation or to conduct cross-site scripting, cross-site request\nforgery, and script insertion attacks. \n\nFor more information:\nSA16987\nSA20406\nSA21354\nSA23195\nSA25200\n\n16) Some vulnerabilities in Apache Tomcat can be exploited by\nmalicious people to conduct cross-site scripting attacks or to bypass\ncertain security restrictions. \n\nFor more information:\nSA24732\nSA25383\nSA25721\n\n17) An error in WebCore can be exploited to load Java applets even\nwhen Java is disabled in the preferences. \n\n18) An error in WebCore can be exploited to conduct cross-site\nscripting attacks. \n\nFor more information see vulnerability #1 in:\nSA23893\n\n19) An error in WebCore can be exploited by malicious people to gain\nknowledge of sensitive information. \n\nFor more information see vulnerability #2 in:\nSA23893\n\n20) An error in WebCore when handling properties of certain global\nobjects can be exploited to conduct cross-site scripting attacks when\nnavigating to a new URL with Safari. \n\n21) An error in WebKit within in the handling of International Domain\nName (IDN) support and Unicode fonts embedded in Safari can be\nexploited to spoof a URL. \n\nThis is similar to:\nSA14164\n\n22) A boundary error in the Perl Compatible Regular Expressions\n(PCRE) library in WebKit and used by the JavaScript engine in Safari\ncan be exploited to cause a heap-based buffer overflow when a user\nvisits a malicious web page. \n\n23) Input validation errors exists in bzgrep and zgrep. \n\nFor more information:\nSA15047\n\nSOLUTION:\nApply Security Update 2007-007. \n\nSecurity Update 2007-007 (10.4.10 Server Universal):\nhttp://www.apple.com/support/downloads/securityupdate200700710410serveruniversal.html\n\nSecurity Update 2007-007 (10.4.10 Universal):\nhttp://www.apple.com/support/downloads/securityupdate200700710410universal.html\n\nSecurity Update 2007-007 (10.4.10 Server PPC):\nhttp://www.apple.com/support/downloads/securityupdate200700710410serverppc.html\n\nSecurity Update 2007-007 (10.4.10 PPC):\nhttp://www.apple.com/support/downloads/securityupdate200700710410ppc.html\n\nSecurity Update 2007-007 (10.3.9 Server):\nhttp://www.apple.com/support/downloads/securityupdate20070071039server.html\n\nSecurity Update 2007-007 (10.3.9):\nhttp://www.apple.com/support/downloads/securityupdate20070071039.html\n\nPROVIDED AND/OR DISCOVERED BY:\n2) The vendor credits Steven Kramer, sprintteam.nl. \n14) The vendor credits Mike Matz, Wyomissing Area School District. \n17) The vendor credits Scott Wilde. \n19) Secunia Research\n22) The vendor credits Charlie Miller and Jake Honoroff of\nIndependent Security Evaluators. \n\nORIGINAL ADVISORY:\nhttp://docs.info.apple.com/article.html?artnum=306172\n\nOTHER REFERENCES:\nSA13237:\nhttp://secunia.com/advisories/13237/\n\nSA15047:\nhttp://secunia.com/advisories/15047/\n\nSA16987:\nhttp://secunia.com/advisories/16987/\n\nSA20406:\nhttp://secunia.com/advisories/20406/\n\nSA21354:\nhttp://secunia.com/advisories/21354/\n\nSA22588:\nhttp://secunia.com/advisories/22588/\n\nSA23195:\nhttp://secunia.com/advisories/23195/\n\nSA23893:\nhttp://secunia.com/advisories/23893/\n\nSA24814:\nhttp://secunia.com/advisories/24814/\n\nSA24356:\nhttp://secunia.com/advisories/24356/\n\nSA24440:\nhttp://secunia.com/advisories/24440/\n\nSA24505:\nhttp://secunia.com/advisories/24505/\n\nSA24542:\nhttp://secunia.com/advisories/24542/\n\nSA24732:\nhttp://secunia.com/advisories/24732/\n\nSA25800:\nhttp://secunia.com/advisories/25800/\n\nSA25123:\nhttp://secunia.com/advisories/25123/\n\nSA25200:\nhttp://secunia.com/advisories/25200/\n\nSA25232:\nhttp://secunia.com/advisories/25232/\n\nSA25383:\nhttp://secunia.com/advisories/25383/\n\nSA25721:\nhttp://secunia.com/advisories/25721/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"db": "BID",
"id": "25159"
},
{
"db": "VULHUB",
"id": "VHN-25765"
},
{
"db": "PACKETSTORM",
"id": "58225"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2403",
"trust": 2.8
},
{
"db": "BID",
"id": "25159",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26235",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-2732",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018491",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001944",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200708-019",
"trust": 0.7
},
{
"db": "XF",
"id": "35721",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2007-07-31",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-25765",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58225",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25765"
},
{
"db": "BID",
"id": "25159"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"db": "PACKETSTORM",
"id": "58225"
},
{
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
]
},
"id": "VAR-200708-0461",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25765"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:29:44.704000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2007-07-31",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2007/jul/msg00004.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2403"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce//2007/jul/msg00004.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25159"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1018491"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26235"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2403"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2403"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2732"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/35721"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "/archive/1/475770"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate20070071039server.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/25721/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate200700710410serverppc.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/23893/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24440/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24732/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20406/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/23195/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/15047/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/25383/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24542/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate20070071039.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate200700710410universal.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/13237/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/25800/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24814/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/25200/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate200700710410serveruniversal.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate200700710410ppc.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21354/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24505/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/25232/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/25123/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26235/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/16987/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22588/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24356/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25765"
},
{
"db": "BID",
"id": "25159"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"db": "PACKETSTORM",
"id": "58225"
},
{
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25765"
},
{
"db": "BID",
"id": "25159"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"db": "PACKETSTORM",
"id": "58225"
},
{
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-08-03T00:00:00",
"db": "VULHUB",
"id": "VHN-25765"
},
{
"date": "2007-08-01T00:00:00",
"db": "BID",
"id": "25159"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"date": "2007-08-08T04:01:26",
"db": "PACKETSTORM",
"id": "58225"
},
{
"date": "2007-08-03T10:17:00",
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"date": "2006-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-25765"
},
{
"date": "2007-08-08T00:34:00",
"db": "BID",
"id": "25159"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001944"
},
{
"date": "2017-07-29T01:31:25.597000",
"db": "NVD",
"id": "CVE-2007-2403"
},
{
"date": "2007-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CFNetwork Any in FTP To server FTP Vulnerabilities triggered by sending commands",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001944"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-019"
}
],
"trust": 0.6
}
}
VAR-201107-0002
Vulnerability from variot - Updated: 2023-12-18 11:24CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue. Apple Safari is prone to a remote code-execution vulnerability. Attackers may exploit this issue to execute arbitrary code in the context of the application. This issue affects Apple Safari versions prior to 5.1 and 5.0.6. NOTE: This issue was previously discussed in BID 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. CFNetwork is a low-level, high-performance framework, an extension of BSD sockets (sockets), which enables users to flexibly manipulate the protocol stack, and provides standardized abstract APIs to simplify FTP HTTP server interaction tasks, resolve DNS host resolution, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
Safari 5.1 and Safari 5.0.6 are now available and address the following:
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content. CVE-ID CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. CVE-ID CVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: A root certificate that is disabled may still be trusted Description: CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0214 : An anonymous reporter
ColorSync Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative
CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0201 : Harry Sintonen
CoreGraphics Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team
International Components for Unicode Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's handling of uppercase strings. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
libxslt Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0195 : Chris Evans of the Google Chrome Security Team
libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team
Safari Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book Description: Safari's "AutoFill web forms" feature filled in non- visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman]
Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process. CVE-ID CVE-2011-0219 : Joshua Smith of Kaon Interactive
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd CVE-2011-0164 : Apple CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0237 : wushi of team509 working with iDefense VCP CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0240 : wushi of team509 working with iDefense VCP CVE-2011-0253 : Richard Keen CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross- site scripting attack. CVE-ID CVE-2011-1295 : Sergey Glazunov
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-1107 : Jordi Chancel
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs. CVE-ID CVE-2011-0244 : Jason Hullinger
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.
Note: Safari 5.1 is included with OS X Lion.
Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems.
Safari 5.1 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/
Safari 5.0.6 is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Safari for Mac OS X v10.6.8 and later The download file is named: Safari5.1SnowLeopard.dmg Its SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24
Safari for Mac OS X v10.5.8 The download file is named: Safari5.0.6Leopard.dmg Its SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f
Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b
Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw up9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD MeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY nKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb vesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/ KD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ= =fOfF -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way.
Read more and request a free trial: http://secunia.com/products/corporate/vim/
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45325
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45325/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
RELEASE DATE: 2011-07-22
DISCUSS ADVISORY: http://secunia.com/advisories/45325/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45325/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system.
1) An error within CFNetwork when handling the "text/plain" content type can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
3) An error exists within CFNetwork when handling SSL certificates, which does not properly verify disabled root certificates.
4) An integer overflow error exists within the ColorSync component.
For more information see vulnerability #5 in: SA45054
5) An off-by-one error exists within the CoreFoundation framework.
For more information see vulnerability #6 in: SA45054
6) An integer overflow error exists in CoreGraphics.
For more information see vulnerability #7 in: SA45054
7) An error exists within ICU (International Components for Unicode).
For more information see vulnerability #11 in: SA45054
8) An error exists in ImageIO within the handling of TIFF files when handling certain uppercase strings.
For more information see vulnerability #9 in: SA45054
9) An error in ImageIO within the handling of CCITT Group 4 encoded TIFF image files can be exploited to cause a heap-based buffer overflow.
10) A use-after-free error within WebKit when handling TIFF images can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
11) An error within libxslt can be exploited to disclose certain addresses from the heap.
For more information see vulnerability #2 in: SA43832
12) An off-by-one error within libxml when handling certain XML data can be exploited to cause a heap-based buffer overflow.
13) An error in the "AutoFill web forms" feature can be exploited to disclose certain information from the user's Address Book by tricking a user into visiting a specially crafted web page.
15) Multiple unspecified errors in the WebKit component can be exploited to corrupt memory.
16) An error within WebKit when handling libxslt configurations can be exploited to create arbitrary files.
18) A cross-origin error when handling certain URLs containing a username can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
19) A cross-origin error when handling DOM nodes can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
20) An error within the handling of DOM history objects can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
22) A weakness in WebKit can lead to remote DNS prefetching
For more information see vulnerability #6 in: SA42312
23) A use-after-free error within WebKit when processing MathML markup tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
24) An error within WebKit when parsing a frameset element can be exploited to cause a heap-based buffer overflow.
25) A use-after-free error within WebKit when handling XHTML tags can result in an invalid tag pointer being dereferenced when a user views a specially crafted web page.
26) A use-after-free error within WebKit when handling SVG tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
The weakness and the vulnerabilities are reported in versions prior to 5.1 and 5.0.6.
SOLUTION: Update to version 5.1 or 5.0.6.
PROVIDED AND/OR DISCOVERED BY: 10) Juan Pablo Lopez Yacubian via iDefense 4) binaryproof via ZDI 8) Dominic Chell, NGS Secure 23, 25, 26) wushi, team509 via iDefense 24) Jose A.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0002",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.4b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "cfnetwork",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"model": "cfnetwork",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
}
],
"sources": [
{
"db": "BID",
"id": "48831"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1383"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Takehiro Takahashi of IBM X-Force Research",
"sources": [
{
"db": "BID",
"id": "48831"
}
],
"trust": 0.3
},
"cve": "CVE-2010-1383",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-1383",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-43988",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-1383",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201107-333",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-43988",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43988"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue. Apple Safari is prone to a remote code-execution vulnerability. \nAttackers may exploit this issue to execute arbitrary code in the context of the application. \nThis issue affects Apple Safari versions prior to 5.1 and 5.0.6. \nNOTE: This issue was previously discussed in BID 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. CFNetwork is a low-level, high-performance framework, an extension of BSD sockets (sockets), which enables users to flexibly manipulate the protocol stack, and provides standardized abstract APIs to simplify FTP HTTP server interaction tasks, resolve DNS host resolution, etc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6\n\nSafari 5.1 and Safari 5.0.6 are now available and address the\nfollowing:\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: In certain situations, Safari may treat a file as HTML,\neven if it is served with the \u0027text/plain\u0027 content type. This may\nlead to a cross-site scripting attack on sites that allow untrusted\nusers to post text files. This issue is addressed through improved\nhandling of \u0027text/plain\u0027 content. \nCVE-ID\nCVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability\nResearch (MSVR), Neal Poole of Matasano Security\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Authenticating to a maliciously crafted website may lead to\narbitrary code execution\nDescription: The NTLM authentication protocol is susceptible to a\nreplay attack referred to as credential reflection. Authenticating to\na maliciously crafted website may lead to arbitrary code execution. \nTo mitigate this issue, Safari has been updated to utilize protection\nmechanisms recently added to Windows. This issue does not affect Mac\nOS X systems. \nCVE-ID\nCVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: A root certificate that is disabled may still be trusted\nDescription: CFNetwork did not properly validate that a certificate\nwas trusted for use by a SSL server. As a result, if the user had\nmarked a system root certificate as not trusted, Safari would still\naccept certificates signed by that root. This issue is addressed\nthrough improved certificate validation. This issue does not affect\nMac OS X systems. \nCVE-ID\nCVE-2011-0214 : An anonymous reporter\n\nColorSync\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution\nDescription: An integer overflow existed in the handling of images\nwith an embedded ColorSync profile, which may lead to a heap buffer\noverflow. Opening a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.5 systems, this issue\nis addressed in Security Update 2011-004. \nCVE-ID\nCVE-2011-0200 : binaryproof working with TippingPoint\u0027s Zero Day\nInitiative\n\nCoreFoundation\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use the CoreFoundation framework may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An off-by-one buffer overflow issue existed in the\nhandling of CFStrings. For Mac OS X v10.6 systems, this issue\nis addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0201 : Harry Sintonen\n\nCoreGraphics\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow issue existed in the handling of\nType 1 fonts. Viewing or downloading a document containing a\nmaliciously crafted embedded font may lead to arbitrary code\nexecution. For Mac OS X v10.6 systems, this issue is addressed in Mac\nOS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in\nSecurity Update 2011-004. \nCVE-ID\nCVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert\nof the Google Security Team\n\nInternational Components for Unicode\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription: A buffer overflow issue existed in ICU\u0027s handling of\nuppercase strings. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nCCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF\nimage may lead to an unexpected application termination or arbitrary\ncode execution. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A reentrancy issue existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. This\nissue does not affect Mac OS X systems. \nCVE-ID\nCVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nlibxslt\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of addresses on the heap\nDescription: libxslt\u0027s implementation of the generate-id() XPath\nfunction disclosed the address of a heap buffer. Visiting a\nmaliciously crafted website may lead to the disclosure of addresses\non the heap. This issue is addressed by generating an ID based on the\ndifference between the addresses of two heap buffers. For Mac OS X\nv10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac\nOS X v10.5 systems, this issue is addressed in Security Update\n2011-004. \nCVE-ID\nCVE-2011-0195 : Chris Evans of the Google Chrome Security Team\n\nlibxml\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A one-byte heap buffer overflow existed in libxml\u0027s\nhandling of XML data. Visiting a maliciously crafted website may lead\nto an unexpected application termination or arbitrary code execution. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nSafari\nAvailable for: Mac OS X v10.6.8 or later,\nMac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later\nImpact: If the \"AutoFill web forms\" feature is enabled, visiting a\nmaliciously crafted website and typing may lead to the disclosure of\ninformation from the user\u0027s Address Book\nDescription: Safari\u0027s \"AutoFill web forms\" feature filled in non-\nvisible form fields, and the information was accessible by scripts on\nthe site before the user submitted the form. This issue is addressed\nby displaying all fields that will be filled, and requiring the\nuser\u0027s consent before AutoFill information is available to the form. \nCVE-ID\nCVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah\nGrossman]\n\nSafari\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: With a certain Java configuration, visiting a malicious\nwebsite may lead to unexpected text being displayed on other sites\nDescription: A cross origin issue existed in the handling of Java\nApplets. This applies when Java is enabled in Safari, and Java is\nconfigured to run within the browser process. Fonts loaded by a Java\napplet could affect the display of text content from other sites. \nThis issue is addressed by running Java applets in a separate\nprocess. \nCVE-ID\nCVE-2011-0219 : Joshua Smith of Kaon Interactive\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nVisiting a maliciously crafted website may lead to an unexpected\napplication termination or arbitrary code execution. \nCVE-ID\nCVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability\nResearch (MSVR), wushi of team509, and Yong Li of Research In Motion\nLtd\nCVE-2011-0164 : Apple\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with\niDefense VCP\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with iDefense VCP\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0237 : wushi of team509 working with iDefense VCP\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0240 : wushi of team509 working with iDefense VCP\nCVE-2011-0253 : Richard Keen\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski, wushi of team 509 working with\niDefense VCP\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A configuration issue existed in WebKit\u0027s use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription: A cross-origin issue existed in the handling of Web\nWorkers. Visiting a maliciously crafted website may lead to an\ninformation disclosure. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of URLs\nwith an embedded username. Visiting a maliciously crafted website may\nlead to a cross-site scripting attack. This issue is addressed\nthrough improved handling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of DOM\nnodes. Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription: A URL spoofing issue existed in the handling of the DOM\nhistory object. A maliciously crafted website may have been able to\ncause a different URL to be shown in the address bar. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Subscribing to a maliciously crafted RSS feed and clicking\non a link within it may lead to an information disclosure\nDescription: A canonicalization issue existed in the handling of\nURLs. Subscribing to a maliciously crafted RSS feed and clicking on a\nlink within it may lead to arbitrary files being sent from the user\u0027s\nsystem to a remote server. This update addresses the issue through\nimproved handling of URLs. \nCVE-ID\nCVE-2011-0244 : Jason Hullinger\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Applications that use WebKit, such as mail clients, may\nconnect to an arbitrary DNS server upon processing HTML content\nDescription: DNS prefetching was enabled by default in WebKit. \nApplications that use WebKit, such a s mail clients, may connect to\nan arbitrary DNS server upon processing HTML content. This update\naddresses the issue by requiring applications to opt in to DNS\nprefetching. \nCVE-ID\nCVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. \n\n\nNote: Safari 5.1 is included with OS X Lion. \n\n\nSafari 5.1 and Safari 5.0.6 address the same set of security\nissues. Safari 5.1 is provided for Mac OS X v10.6,\nand Windows systems. Safari 5.0.6 is provided for\nMac OS X v10.5 systems. \n\nSafari 5.1 is available via the Apple Software Update\napplication, or Apple\u0027s Safari download site at:\nhttp://www.apple.com/safari/download/\n\nSafari 5.0.6 is available via the Apple Software Update\napplication, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nSafari for Mac OS X v10.6.8 and later\nThe download file is named: Safari5.1SnowLeopard.dmg\nIts SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24\n\nSafari for Mac OS X v10.5.8\nThe download file is named: Safari5.0.6Leopard.dmg\nIts SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f\n\nSafari for Windows 7, Vista or XP\nThe download file is named: SafariSetup.exe\nIts SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36\n\nSafari for Windows 7, Vista or XP from the Microsoft Choice Screen\nThe download file is named: Safari_Setup.exe\nIts SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b\n\nSafari+QuickTime for Windows 7, Vista or XP\nThe file is named: SafariQuickTimeSetup.exe\nIts SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw\nup9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD\nMeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY\nnKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb\nvesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/\nKD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ=\n=fOfF\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nThe Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. \n\nRead more and request a free trial:\nhttp://secunia.com/products/corporate/vim/\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Safari Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45325\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45325/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325\n\nRELEASE DATE:\n2011-07-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45325/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45325/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and multiple vulnerabilities have been reported in Apple\nSafari, which can be exploited by malicious people to disclose\nsensitive information, manipulate certain data, conduct cross-site\nscripting and spoofing attacks, bypass certain security restrictions,\nand compromise a user\u0027s system. \n\n1) An error within CFNetwork when handling the \"text/plain\" content\ntype can be exploited to execute arbitrary HTML and script code in a\nuser\u0027s browser session in context of an affected site. \n\n3) An error exists within CFNetwork when handling SSL certificates,\nwhich does not properly verify disabled root certificates. \n\n4) An integer overflow error exists within the ColorSync component. \n\nFor more information see vulnerability #5 in:\nSA45054\n\n5) An off-by-one error exists within the CoreFoundation framework. \n\nFor more information see vulnerability #6 in:\nSA45054\n\n6) An integer overflow error exists in CoreGraphics. \n\nFor more information see vulnerability #7 in:\nSA45054\n\n7) An error exists within ICU (International Components for\nUnicode). \n\nFor more information see vulnerability #11 in:\nSA45054\n\n8) An error exists in ImageIO within the handling of TIFF files when\nhandling certain uppercase strings. \n\nFor more information see vulnerability #9 in:\nSA45054\n\n9) An error in ImageIO within the handling of CCITT Group 4 encoded\nTIFF image files can be exploited to cause a heap-based buffer\noverflow. \n\n10) A use-after-free error within WebKit when handling TIFF images\ncan result in an invalid pointer being dereferenced when a user views\na specially crafted web page. \n\n11) An error within libxslt can be exploited to disclose certain\naddresses from the heap. \n\nFor more information see vulnerability #2 in:\nSA43832\n\n12) An off-by-one error within libxml when handling certain XML data\ncan be exploited to cause a heap-based buffer overflow. \n\n13) An error in the \"AutoFill web forms\" feature can be exploited to\ndisclose certain information from the user\u0027s Address Book by tricking\na user into visiting a specially crafted web page. \n\n15) Multiple unspecified errors in the WebKit component can be\nexploited to corrupt memory. \n\n16) An error within WebKit when handling libxslt configurations can\nbe exploited to create arbitrary files. \n\n18) A cross-origin error when handling certain URLs containing a\nusername can be exploited to execute arbitrary HTML and script code\nin a user\u0027s browser session in the context of an affected site. \n\n19) A cross-origin error when handling DOM nodes can be exploited to\nexecute arbitrary HTML and script code in a user\u0027s browser session in\nthe context of an affected site. \n\n20) An error within the handling of DOM history objects can be\nexploited to display arbitrary content while showing the URL of a\ntrusted web site in the address bar. \n\n22) A weakness in WebKit can lead to remote DNS prefetching\n\nFor more information see vulnerability #6 in:\nSA42312\n\n23) A use-after-free error within WebKit when processing MathML\nmarkup tags can result in an invalid pointer being dereferenced when\na user views a specially crafted web page. \n\n24) An error within WebKit when parsing a frameset element can be\nexploited to cause a heap-based buffer overflow. \n\n25) A use-after-free error within WebKit when handling XHTML tags can\nresult in an invalid tag pointer being dereferenced when a user views\na specially crafted web page. \n\n26) A use-after-free error within WebKit when handling SVG tags can\nresult in an invalid pointer being dereferenced when a user views a\nspecially crafted web page. \n\nThe weakness and the vulnerabilities are reported in versions prior\nto 5.1 and 5.0.6. \n\nSOLUTION:\nUpdate to version 5.1 or 5.0.6. \n\nPROVIDED AND/OR DISCOVERED BY:\n10) Juan Pablo Lopez Yacubian via iDefense\n4) binaryproof via ZDI\n8) Dominic Chell, NGS Secure\n23, 25, 26) wushi, team509 via iDefense\n24) Jose A. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"db": "BID",
"id": "48831"
},
{
"db": "VULHUB",
"id": "VHN-43988"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1383",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "45325",
"trust": 1.6
},
{
"db": "BID",
"id": "48831",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1025816",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "73990",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201107-333",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2011-07-20-1",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "103216",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-43988",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103250",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43988"
},
{
"db": "BID",
"id": "48831"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
]
},
"id": "VAR-201107-0002",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-43988"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:24:10.071000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4808",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4808"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43988"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"db": "NVD",
"id": "CVE-2010-1383"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4808"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2011//jul/msg00002.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45325"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1383"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu781747/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1383"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/73990"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/48831"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id/1025816"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0240"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0223"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0202"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0215"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0217"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3829"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1823"
},
{
"trust": 0.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45325/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=931"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=933"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=934"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-228/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45325/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=930"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=932"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43988"
},
{
"db": "BID",
"id": "48831"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-43988"
},
{
"db": "BID",
"id": "48831"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-43988"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48831"
},
{
"date": "2011-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"date": "2011-07-21T14:16:35",
"db": "PACKETSTORM",
"id": "103216"
},
{
"date": "2011-07-21T06:58:31",
"db": "PACKETSTORM",
"id": "103250"
},
{
"date": "2011-07-21T23:55:01.583000",
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-43988"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48831"
},
{
"date": "2011-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002037"
},
{
"date": "2011-07-22T04:00:00",
"db": "NVD",
"id": "CVE-2010-1383"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Run on Apple Safari of CFNetwork Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002037"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-333"
}
],
"trust": 0.6
}
}
VAR-201107-0090
Vulnerability from variot - Updated: 2023-12-18 10:50Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of another site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. This issue affects Apple Safari versions prior to 5.1 and 5.0.6. NOTE: This issue was previously discussed in 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. CFNetwork is a low-level, high-performance framework, an extension of BSD sockets (sockets), which enables users to flexibly manipulate the protocol stack, and provides standardized abstract APIs to simplify FTP HTTP server interaction tasks, resolve DNS host resolution, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
Safari 5.1 and Safari 5.0.6 are now available and address the following:
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content. CVE-ID CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. CVE-ID CVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: A root certificate that is disabled may still be trusted Description: CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0214 : An anonymous reporter
ColorSync Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative
CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0201 : Harry Sintonen
CoreGraphics Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team
International Components for Unicode Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
libxslt Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0195 : Chris Evans of the Google Chrome Security Team
libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team
Safari Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book Description: Safari's "AutoFill web forms" feature filled in non- visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman]
Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process. CVE-ID CVE-2011-0219 : Joshua Smith of Kaon Interactive
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd CVE-2011-0164 : Apple CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0237 : wushi of team509 working with iDefense VCP CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0240 : wushi of team509 working with iDefense VCP CVE-2011-0253 : Richard Keen CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross- site scripting attack. CVE-ID CVE-2011-1295 : Sergey Glazunov
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-1107 : Jordi Chancel
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs. CVE-ID CVE-2011-0244 : Jason Hullinger
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.
Note: Safari 5.1 is included with OS X Lion.
Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems.
Safari 5.1 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/
Safari 5.0.6 is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Safari for Mac OS X v10.6.8 and later The download file is named: Safari5.1SnowLeopard.dmg Its SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24
Safari for Mac OS X v10.5.8 The download file is named: Safari5.0.6Leopard.dmg Its SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f
Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b
Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw up9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD MeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY nKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb vesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/ KD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ= =fOfF -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way.
Read more and request a free trial: http://secunia.com/products/corporate/vim/
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45325
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45325/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
RELEASE DATE: 2011-07-22
DISCUSS ADVISORY: http://secunia.com/advisories/45325/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45325/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45325
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system.
3) An error exists within CFNetwork when handling SSL certificates, which does not properly verify disabled root certificates.
4) An integer overflow error exists within the ColorSync component.
For more information see vulnerability #5 in: SA45054
5) An off-by-one error exists within the CoreFoundation framework.
For more information see vulnerability #6 in: SA45054
6) An integer overflow error exists in CoreGraphics.
For more information see vulnerability #7 in: SA45054
7) An error exists within ICU (International Components for Unicode).
For more information see vulnerability #11 in: SA45054
8) An error exists in ImageIO within the handling of TIFF files when handling certain uppercase strings.
For more information see vulnerability #9 in: SA45054
9) An error in ImageIO within the handling of CCITT Group 4 encoded TIFF image files can be exploited to cause a heap-based buffer overflow.
10) A use-after-free error within WebKit when handling TIFF images can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
11) An error within libxslt can be exploited to disclose certain addresses from the heap.
For more information see vulnerability #2 in: SA43832
12) An off-by-one error within libxml when handling certain XML data can be exploited to cause a heap-based buffer overflow.
13) An error in the "AutoFill web forms" feature can be exploited to disclose certain information from the user's Address Book by tricking a user into visiting a specially crafted web page.
15) Multiple unspecified errors in the WebKit component can be exploited to corrupt memory.
16) An error within WebKit when handling libxslt configurations can be exploited to create arbitrary files.
20) An error within the handling of DOM history objects can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
22) A weakness in WebKit can lead to remote DNS prefetching
For more information see vulnerability #6 in: SA42312
23) A use-after-free error within WebKit when processing MathML markup tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
24) An error within WebKit when parsing a frameset element can be exploited to cause a heap-based buffer overflow.
25) A use-after-free error within WebKit when handling XHTML tags can result in an invalid tag pointer being dereferenced when a user views a specially crafted web page.
26) A use-after-free error within WebKit when handling SVG tags can result in an invalid pointer being dereferenced when a user views a specially crafted web page.
The weakness and the vulnerabilities are reported in versions prior to 5.1 and 5.0.6.
SOLUTION: Update to version 5.1 or 5.0.6.
PROVIDED AND/OR DISCOVERED BY: 10) Juan Pablo Lopez Yacubian via iDefense 4) binaryproof via ZDI 8) Dominic Chell, NGS Secure 23, 25, 26) wushi, team509 via iDefense 24) Jose A.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0090",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.4b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "cfnetwork",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"model": "cfnetwork",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "48828"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1420"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hidetake Jo,Neal Poole",
"sources": [
{
"db": "BID",
"id": "48828"
}
],
"trust": 0.3
},
"cve": "CVE-2010-1420",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-1420",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-44025",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-1420",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201107-334",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-44025",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44025"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of another site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nThis issue affects Apple Safari versions prior to 5.1 and 5.0.6. \nNOTE: This issue was previously discussed in 48808 (Apple Safari Prior to 5.1 and 5.0.6 Multiple Security Vulnerabilities) but has been given its own record to better document it. CFNetwork is a low-level, high-performance framework, an extension of BSD sockets (sockets), which enables users to flexibly manipulate the protocol stack, and provides standardized abstract APIs to simplify FTP HTTP server interaction tasks, resolve DNS host resolution, etc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6\n\nSafari 5.1 and Safari 5.0.6 are now available and address the\nfollowing:\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: In certain situations, Safari may treat a file as HTML,\neven if it is served with the \u0027text/plain\u0027 content type. This may\nlead to a cross-site scripting attack on sites that allow untrusted\nusers to post text files. This issue is addressed through improved\nhandling of \u0027text/plain\u0027 content. \nCVE-ID\nCVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability\nResearch (MSVR), Neal Poole of Matasano Security\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Authenticating to a maliciously crafted website may lead to\narbitrary code execution\nDescription: The NTLM authentication protocol is susceptible to a\nreplay attack referred to as credential reflection. Authenticating to\na maliciously crafted website may lead to arbitrary code execution. \nTo mitigate this issue, Safari has been updated to utilize protection\nmechanisms recently added to Windows. This issue does not affect Mac\nOS X systems. \nCVE-ID\nCVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: A root certificate that is disabled may still be trusted\nDescription: CFNetwork did not properly validate that a certificate\nwas trusted for use by a SSL server. As a result, if the user had\nmarked a system root certificate as not trusted, Safari would still\naccept certificates signed by that root. This issue is addressed\nthrough improved certificate validation. This issue does not affect\nMac OS X systems. \nCVE-ID\nCVE-2011-0214 : An anonymous reporter\n\nColorSync\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution\nDescription: An integer overflow existed in the handling of images\nwith an embedded ColorSync profile, which may lead to a heap buffer\noverflow. Opening a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.5 systems, this issue\nis addressed in Security Update 2011-004. \nCVE-ID\nCVE-2011-0200 : binaryproof working with TippingPoint\u0027s Zero Day\nInitiative\n\nCoreFoundation\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use the CoreFoundation framework may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An off-by-one buffer overflow issue existed in the\nhandling of CFStrings. Applications that use the CoreFoundation\nframework may be vulnerable to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.6 systems, this issue\nis addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0201 : Harry Sintonen\n\nCoreGraphics\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow issue existed in the handling of\nType 1 fonts. Viewing or downloading a document containing a\nmaliciously crafted embedded font may lead to arbitrary code\nexecution. For Mac OS X v10.6 systems, this issue is addressed in Mac\nOS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in\nSecurity Update 2011-004. \nCVE-ID\nCVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert\nof the Google Security Team\n\nInternational Components for Unicode\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription: A buffer overflow issue existed in ICU\u0027s handling of\nuppercase strings. Applications that use ICU may be vulnerable to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nCCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF\nimage may lead to an unexpected application termination or arbitrary\ncode execution. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A reentrancy issue existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. This\nissue does not affect Mac OS X systems. \nCVE-ID\nCVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nlibxslt\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of addresses on the heap\nDescription: libxslt\u0027s implementation of the generate-id() XPath\nfunction disclosed the address of a heap buffer. Visiting a\nmaliciously crafted website may lead to the disclosure of addresses\non the heap. This issue is addressed by generating an ID based on the\ndifference between the addresses of two heap buffers. For Mac OS X\nv10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac\nOS X v10.5 systems, this issue is addressed in Security Update\n2011-004. \nCVE-ID\nCVE-2011-0195 : Chris Evans of the Google Chrome Security Team\n\nlibxml\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A one-byte heap buffer overflow existed in libxml\u0027s\nhandling of XML data. Visiting a maliciously crafted website may lead\nto an unexpected application termination or arbitrary code execution. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nSafari\nAvailable for: Mac OS X v10.6.8 or later,\nMac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later\nImpact: If the \"AutoFill web forms\" feature is enabled, visiting a\nmaliciously crafted website and typing may lead to the disclosure of\ninformation from the user\u0027s Address Book\nDescription: Safari\u0027s \"AutoFill web forms\" feature filled in non-\nvisible form fields, and the information was accessible by scripts on\nthe site before the user submitted the form. This issue is addressed\nby displaying all fields that will be filled, and requiring the\nuser\u0027s consent before AutoFill information is available to the form. \nCVE-ID\nCVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah\nGrossman]\n\nSafari\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: With a certain Java configuration, visiting a malicious\nwebsite may lead to unexpected text being displayed on other sites\nDescription: A cross origin issue existed in the handling of Java\nApplets. This applies when Java is enabled in Safari, and Java is\nconfigured to run within the browser process. Fonts loaded by a Java\napplet could affect the display of text content from other sites. \nThis issue is addressed by running Java applets in a separate\nprocess. \nCVE-ID\nCVE-2011-0219 : Joshua Smith of Kaon Interactive\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nVisiting a maliciously crafted website may lead to an unexpected\napplication termination or arbitrary code execution. \nCVE-ID\nCVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability\nResearch (MSVR), wushi of team509, and Yong Li of Research In Motion\nLtd\nCVE-2011-0164 : Apple\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with\niDefense VCP\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with iDefense VCP\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0237 : wushi of team509 working with iDefense VCP\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0240 : wushi of team509 working with iDefense VCP\nCVE-2011-0253 : Richard Keen\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski, wushi of team 509 working with\niDefense VCP\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A configuration issue existed in WebKit\u0027s use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription: A cross-origin issue existed in the handling of Web\nWorkers. Visiting a maliciously crafted website may lead to an\ninformation disclosure. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of URLs\nwith an embedded username. Visiting a maliciously crafted website may\nlead to a cross-site scripting attack. This issue is addressed\nthrough improved handling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of DOM\nnodes. Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription: A URL spoofing issue existed in the handling of the DOM\nhistory object. A maliciously crafted website may have been able to\ncause a different URL to be shown in the address bar. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Subscribing to a maliciously crafted RSS feed and clicking\non a link within it may lead to an information disclosure\nDescription: A canonicalization issue existed in the handling of\nURLs. Subscribing to a maliciously crafted RSS feed and clicking on a\nlink within it may lead to arbitrary files being sent from the user\u0027s\nsystem to a remote server. This update addresses the issue through\nimproved handling of URLs. \nCVE-ID\nCVE-2011-0244 : Jason Hullinger\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Applications that use WebKit, such as mail clients, may\nconnect to an arbitrary DNS server upon processing HTML content\nDescription: DNS prefetching was enabled by default in WebKit. \nApplications that use WebKit, such a s mail clients, may connect to\nan arbitrary DNS server upon processing HTML content. This update\naddresses the issue by requiring applications to opt in to DNS\nprefetching. \nCVE-ID\nCVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. \n\n\nNote: Safari 5.1 is included with OS X Lion. \n\n\nSafari 5.1 and Safari 5.0.6 address the same set of security\nissues. Safari 5.1 is provided for Mac OS X v10.6,\nand Windows systems. Safari 5.0.6 is provided for\nMac OS X v10.5 systems. \n\nSafari 5.1 is available via the Apple Software Update\napplication, or Apple\u0027s Safari download site at:\nhttp://www.apple.com/safari/download/\n\nSafari 5.0.6 is available via the Apple Software Update\napplication, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nSafari for Mac OS X v10.6.8 and later\nThe download file is named: Safari5.1SnowLeopard.dmg\nIts SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24\n\nSafari for Mac OS X v10.5.8\nThe download file is named: Safari5.0.6Leopard.dmg\nIts SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f\n\nSafari for Windows 7, Vista or XP\nThe download file is named: SafariSetup.exe\nIts SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36\n\nSafari for Windows 7, Vista or XP from the Microsoft Choice Screen\nThe download file is named: Safari_Setup.exe\nIts SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b\n\nSafari+QuickTime for Windows 7, Vista or XP\nThe file is named: SafariQuickTimeSetup.exe\nIts SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw\nup9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD\nMeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY\nnKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb\nvesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/\nKD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ=\n=fOfF\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nThe Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. \n\nRead more and request a free trial:\nhttp://secunia.com/products/corporate/vim/\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Safari Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45325\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45325/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325\n\nRELEASE DATE:\n2011-07-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45325/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45325/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and multiple vulnerabilities have been reported in Apple\nSafari, which can be exploited by malicious people to disclose\nsensitive information, manipulate certain data, conduct cross-site\nscripting and spoofing attacks, bypass certain security restrictions,\nand compromise a user\u0027s system. \n\n3) An error exists within CFNetwork when handling SSL certificates,\nwhich does not properly verify disabled root certificates. \n\n4) An integer overflow error exists within the ColorSync component. \n\nFor more information see vulnerability #5 in:\nSA45054\n\n5) An off-by-one error exists within the CoreFoundation framework. \n\nFor more information see vulnerability #6 in:\nSA45054\n\n6) An integer overflow error exists in CoreGraphics. \n\nFor more information see vulnerability #7 in:\nSA45054\n\n7) An error exists within ICU (International Components for\nUnicode). \n\nFor more information see vulnerability #11 in:\nSA45054\n\n8) An error exists in ImageIO within the handling of TIFF files when\nhandling certain uppercase strings. \n\nFor more information see vulnerability #9 in:\nSA45054\n\n9) An error in ImageIO within the handling of CCITT Group 4 encoded\nTIFF image files can be exploited to cause a heap-based buffer\noverflow. \n\n10) A use-after-free error within WebKit when handling TIFF images\ncan result in an invalid pointer being dereferenced when a user views\na specially crafted web page. \n\n11) An error within libxslt can be exploited to disclose certain\naddresses from the heap. \n\nFor more information see vulnerability #2 in:\nSA43832\n\n12) An off-by-one error within libxml when handling certain XML data\ncan be exploited to cause a heap-based buffer overflow. \n\n13) An error in the \"AutoFill web forms\" feature can be exploited to\ndisclose certain information from the user\u0027s Address Book by tricking\na user into visiting a specially crafted web page. \n\n15) Multiple unspecified errors in the WebKit component can be\nexploited to corrupt memory. \n\n16) An error within WebKit when handling libxslt configurations can\nbe exploited to create arbitrary files. \n\n20) An error within the handling of DOM history objects can be\nexploited to display arbitrary content while showing the URL of a\ntrusted web site in the address bar. \n\n22) A weakness in WebKit can lead to remote DNS prefetching\n\nFor more information see vulnerability #6 in:\nSA42312\n\n23) A use-after-free error within WebKit when processing MathML\nmarkup tags can result in an invalid pointer being dereferenced when\na user views a specially crafted web page. \n\n24) An error within WebKit when parsing a frameset element can be\nexploited to cause a heap-based buffer overflow. \n\n25) A use-after-free error within WebKit when handling XHTML tags can\nresult in an invalid tag pointer being dereferenced when a user views\na specially crafted web page. \n\n26) A use-after-free error within WebKit when handling SVG tags can\nresult in an invalid pointer being dereferenced when a user views a\nspecially crafted web page. \n\nThe weakness and the vulnerabilities are reported in versions prior\nto 5.1 and 5.0.6. \n\nSOLUTION:\nUpdate to version 5.1 or 5.0.6. \n\nPROVIDED AND/OR DISCOVERED BY:\n10) Juan Pablo Lopez Yacubian via iDefense\n4) binaryproof via ZDI\n8) Dominic Chell, NGS Secure\n23, 25, 26) wushi, team509 via iDefense\n24) Jose A. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"db": "BID",
"id": "48828"
},
{
"db": "VULHUB",
"id": "VHN-44025"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1420",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "45325",
"trust": 1.6
},
{
"db": "BID",
"id": "48828",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1025816",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "73989",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201107-334",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2011-07-20-1",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-44025",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103216",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103250",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44025"
},
{
"db": "BID",
"id": "48828"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
]
},
"id": "VAR-201107-0090",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44025"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:50:34.761000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4808",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4808"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44025"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"db": "NVD",
"id": "CVE-2010-1420"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4808"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2011//jul/msg00002.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45325"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1420"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu781747/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1420"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/73989"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/48828"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id/1025816"
},
{
"trust": 0.4,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.3,
"url": "http://lists.apple.com/archives/security-announce/2011/jul/msg00002.html"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/advisory/msvr11-009.mspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0240"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0223"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0202"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0215"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0217"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3829"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1823"
},
{
"trust": 0.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45325/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=931"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=933"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=934"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-228/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45325/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45325"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=930"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=932"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44025"
},
{
"db": "BID",
"id": "48828"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-44025"
},
{
"db": "BID",
"id": "48828"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"db": "PACKETSTORM",
"id": "103216"
},
{
"db": "PACKETSTORM",
"id": "103250"
},
{
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-44025"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48828"
},
{
"date": "2011-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"date": "2011-07-21T14:16:35",
"db": "PACKETSTORM",
"id": "103216"
},
{
"date": "2011-07-21T06:58:31",
"db": "PACKETSTORM",
"id": "103250"
},
{
"date": "2011-07-21T23:55:01.647000",
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-44025"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48828"
},
{
"date": "2011-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002038"
},
{
"date": "2011-07-22T04:00:00",
"db": "NVD",
"id": "CVE-2010-1420"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari CFNetwork Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "48828"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-334"
}
],
"trust": 0.6
}
}
FKIE_CVE-2011-0214
Vulnerability from fkie_nvd - Published: 2011-07-21 23:55 - Updated: 2025-04-11 00:51{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E470F24-6F4A-4AB1-9D59-8DDAAA09A7F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFDCD2B-162B-449B-B380-9A5A2CB2BFF5",
"versionEndIncluding": "5.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
"matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
"matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
"matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
"matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
"matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
"matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
"matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
"matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
"matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2451165-7831-426E-BA07-B3A57F3589C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD80CA73-5612-4799-9084-09BAA7938F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C670E9A-9EDE-45D6-A92D-8764FCF74D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "17A3218C-F9D1-486C-A101-86B76BD70CCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority."
},
{
"lang": "es",
"value": "CFNetwork en Apple Safari v5.0.6 y anteriores en Windows que no controla correctamente un atributo, no es de confianza un certificado de ra\u00edz del sistema, y permite a los servidores Web remotos eludir las restricciones destinadas SSL a trav\u00e9s de un certificado firmado por una autoridad de certificaci\u00f3n de la lista negra (no autorizada)."
}
],
"id": "CVE-2011-0214",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-07-21T23:55:01.723",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
},
{
"source": "product-security@apple.com",
"url": "http://support.apple.com/kb/HT4808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4808"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1383
Vulnerability from fkie_nvd - Published: 2011-07-21 23:55 - Updated: 2025-04-11 00:51| URL | Tags | ||
|---|---|---|---|
| product-security@apple.com | http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html | Patch, Vendor Advisory | |
| product-security@apple.com | http://support.apple.com/kb/HT4808 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4808 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E470F24-6F4A-4AB1-9D59-8DDAAA09A7F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFDCD2B-162B-449B-B380-9A5A2CB2BFF5",
"versionEndIncluding": "5.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
"matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
"matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
"matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
"matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
"matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
"matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
"matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
"matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
"matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2451165-7831-426E-BA07-B3A57F3589C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD80CA73-5612-4799-9084-09BAA7938F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C670E9A-9EDE-45D6-A92D-8764FCF74D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "17A3218C-F9D1-486C-A101-86B76BD70CCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue."
},
{
"lang": "es",
"value": "CFNetwork en Safari de Apple en Windows antes de v5.0.6 permite a los servidores Web remotos ejecutar c\u00f3digo arbitrario mediante la reproducci\u00f3n de las credenciales NTLM de un usuario del cliente, en relaci\u00f3n con una problema de \"reflejo de credenciales \"."
}
],
"id": "CVE-2010-1383",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-07-21T23:55:01.583",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4808"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1420
Vulnerability from fkie_nvd - Published: 2011-07-21 23:55 - Updated: 2025-04-11 00:51| URL | Tags | ||
|---|---|---|---|
| product-security@apple.com | http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html | Patch, Vendor Advisory | |
| product-security@apple.com | http://support.apple.com/kb/HT4808 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4808 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E470F24-6F4A-4AB1-9D59-8DDAAA09A7F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFDCD2B-162B-449B-B380-9A5A2CB2BFF5",
"versionEndIncluding": "5.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
"matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
"matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
"matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
"matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
"matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
"matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
"matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
"matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
"matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2451165-7831-426E-BA07-B3A57F3589C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD80CA73-5612-4799-9084-09BAA7938F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C670E9A-9EDE-45D6-A92D-8764FCF74D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "17A3218C-F9D1-486C-A101-86B76BD70CCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en CFNetwork en Apple Safari anterior a v5.0.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un fichero en texto plano manipulado"
}
],
"id": "CVE-2010-1420",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-07-21T23:55:01.647",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4808"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1800
Vulnerability from fkie_nvd - Published: 2010-08-25 20:00 - Updated: 2025-04-11 00:51| Vendor | Product | Version | |
|---|---|---|---|
| apple | cfnetwork | * | |
| apple | mac_os_x | 10.6.3 | |
| apple | mac_os_x | 10.6.4 | |
| apple | mac_os_x_server | 10.6.3 | |
| apple | mac_os_x_server | 10.6.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E470F24-6F4A-4AB1-9D59-8DDAAA09A7F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses."
},
{
"lang": "es",
"value": "CTFNetwork en Apple Mac OS X v10.6.3 y v10.6.4 soporta conexiones an\u00f3nimas SSL y TLS, esto permite a atacantes de hombre en el medio (man-in-the-middle) redirigir una conexi\u00f3n y obtener informaci\u00f3n sensible a trav\u00e9s de respuestas manipuladas."
}
],
"id": "CVE-2010-1800",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-25T20:00:16.737",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "product-security@apple.com",
"url": "http://securitytracker.com/id?1024359"
},
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4312"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2403
Vulnerability from fkie_nvd - Published: 2007-08-03 10:17 - Updated: 2025-04-09 00:30| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | 10.3.9 | |
| apple | mac_os_x | 10.4.10 | |
| apple | mac_os_x_server | 10.3.9 | |
| apple | mac_os_x_server | 10.4.10 | |
| apple | cfnetwork | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E470F24-6F4A-4AB1-9D59-8DDAAA09A7F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers."
},
{
"lang": "es",
"value": "CFNetwork en Apple Mac OS X 10.3.9 y 10.4.10 no valida adecuadamente URIs ftp:, lo cual permite a atacantes remotos provocar la transmisi\u00f3n de comandos FTP de su elecci\u00f3n mediante servidores FTP de su elecci\u00f3n."
}
],
"id": "CVE-2007-2403",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-08-03T10:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26235"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018491"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-1420 (GCVE-0-2010-1420)
Vulnerability from cvelistv5 – Published: 2011-07-21 23:00 – Updated: 2024-09-17 02:42- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-21T23:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4808",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-1420",
"datePublished": "2011-07-21T23:00:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-17T02:42:17.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1383 (GCVE-0-2010-1383)
Vulnerability from cvelistv5 – Published: 2011-07-21 23:00 – Updated: 2024-09-16 17:58- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.039Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-21T23:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4808",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-1383",
"datePublished": "2011-07-21T23:00:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-16T17:58:17.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0214 (GCVE-0-2011-0214)
Vulnerability from cvelistv5 – Published: 2011-07-21 23:00 – Updated: 2024-09-16 23:22- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:43:15.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-21T23:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4808",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2011-0214",
"datePublished": "2011-07-21T23:00:00Z",
"dateReserved": "2010-12-23T00:00:00Z",
"dateUpdated": "2024-09-16T23:22:16.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1800 (GCVE-0-2010-1800)
Vulnerability from cvelistv5 – Published: 2010-08-25 19:00 – Updated: 2024-09-17 04:05- n/a
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:35:53.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024359",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024359"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-25T19:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1024359",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024359"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024359",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024359"
},
{
"name": "APPLE-SA-2010-08-24-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT4312",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-1800",
"datePublished": "2010-08-25T19:00:00Z",
"dateReserved": "2010-05-06T00:00:00Z",
"dateUpdated": "2024-09-17T04:05:14.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2403 (GCVE-0-2007-2403)
Vulnerability from cvelistv5 – Published: 2007-08-03 10:00 – Updated: 2024-08-07 13:33- n/a
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "1018491",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018491"
},
{
"name": "macos-ftp-command-execution(35721)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "1018491",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018491"
},
{
"name": "macos-ftp-command-execution(35721)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2732",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "APPLE-SA-2007-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "1018491",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018491"
},
{
"name": "macos-ftp-command-execution(35721)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2403",
"datePublished": "2007-08-03T10:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1420 (GCVE-0-2010-1420)
Vulnerability from nvd – Published: 2011-07-21 23:00 – Updated: 2024-09-17 02:42- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-21T23:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4808",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-1420",
"datePublished": "2011-07-21T23:00:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-17T02:42:17.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1383 (GCVE-0-2010-1383)
Vulnerability from nvd – Published: 2011-07-21 23:00 – Updated: 2024-09-16 17:58- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.039Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-21T23:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a \"credential reflection\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4808",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-1383",
"datePublished": "2011-07-21T23:00:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-16T17:58:17.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0214 (GCVE-0-2011-0214)
Vulnerability from nvd – Published: 2011-07-21 23:00 – Updated: 2024-09-16 23:22- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:43:15.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-21T23:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT4808",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2011-0214",
"datePublished": "2011-07-21T23:00:00Z",
"dateReserved": "2010-12-23T00:00:00Z",
"dateUpdated": "2024-09-16T23:22:16.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1800 (GCVE-0-2010-1800)
Vulnerability from nvd – Published: 2010-08-25 19:00 – Updated: 2024-09-17 04:05- n/a
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:35:53.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024359",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024359"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-25T19:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1024359",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024359"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024359",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024359"
},
{
"name": "APPLE-SA-2010-08-24-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT4312",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-1800",
"datePublished": "2010-08-25T19:00:00Z",
"dateReserved": "2010-05-06T00:00:00Z",
"dateUpdated": "2024-09-17T04:05:14.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2403 (GCVE-0-2007-2403)
Vulnerability from nvd – Published: 2007-08-03 10:00 – Updated: 2024-08-07 13:33- n/a
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "1018491",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018491"
},
{
"name": "macos-ftp-command-execution(35721)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "1018491",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018491"
},
{
"name": "macos-ftp-command-execution(35721)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2732",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "APPLE-SA-2007-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "1018491",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018491"
},
{
"name": "macos-ftp-command-execution(35721)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35721"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2403",
"datePublished": "2007-08-03T10:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}