VAR-201005-0179
Vulnerability from variot - Updated: 2023-12-18 11:35Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. ----------------------------------------------------------------------
Looking for a job?
Secunia is hiring skilled researchers and talented developers.
http://secunia.com/company/jobs/
TITLE: Apple Safari "parent.close()" Code Execution Vulnerability
SECUNIA ADVISORY ID: SA39670
VERIFY ADVISORY: http://secunia.com/advisories/39670/
DESCRIPTION: A vulnerability has been discovered in Apple Safari, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows.
The vulnerability is confirmed in Safari version 4.0.5 for Windows. Other versions may also be affected.
SOLUTION: Do not visit untrusted web sites or follow links from untrusted sources.
PROVIDED AND/OR DISCOVERED BY: Krystian Kloskowski (h07)
ORIGINAL ADVISORY: http://h07.w.interia.pl/Safari.rar
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201005-0179",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 2.4,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "windows",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "89292"
}
],
"trust": 0.1
},
"cve": "CVE-2010-1940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2010-1940",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-44545",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-1940",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201005-235",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-44545",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44545"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari 4.0.5 on Windows sends the \"Authorization: Basic\" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. ----------------------------------------------------------------------\n\n\nLooking for a job?\n\n\nSecunia is hiring skilled researchers and talented developers. \n\n\nhttp://secunia.com/company/jobs/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Safari \"parent.close()\" Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA39670\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39670/\n\nDESCRIPTION:\nA vulnerability has been discovered in Apple Safari, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an error in the handling of parent\nwindows and can result in a function call using an invalid pointer. \nThis can be exploited to execute arbitrary code when a user e.g. \nvisits a specially crafted web page and closes opened pop-up\nwindows. \n\nThe vulnerability is confirmed in Safari version 4.0.5 for Windows. \nOther versions may also be affected. \n\nSOLUTION:\nDo not visit untrusted web sites or follow links from untrusted\nsources. \n\nPROVIDED AND/OR DISCOVERED BY:\nKrystian Kloskowski (h07)\n\nORIGINAL ADVISORY:\nhttp://h07.w.interia.pl/Safari.rar\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"db": "VULHUB",
"id": "VHN-44545"
},
{
"db": "PACKETSTORM",
"id": "89292"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1940",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "39670",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004075",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201005-235",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-44545",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89292",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44545"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"db": "PACKETSTORM",
"id": "89292"
},
{
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
]
},
"id": "VAR-201005-0179",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44545"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:35:16.343000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Safari",
"trust": 0.8,
"url": "http://www.apple.com/safari/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://windows.microsoft.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44545"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"db": "NVD",
"id": "CVE-2010-1940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://secunia.com/advisories/39670"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58620"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1940"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1940"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39670/"
},
{
"trust": 0.1,
"url": "http://h07.w.interia.pl/safari.rar"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44545"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"db": "PACKETSTORM",
"id": "89292"
},
{
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-44545"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"db": "PACKETSTORM",
"id": "89292"
},
{
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-44545"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"date": "2010-05-08T08:39:48",
"db": "PACKETSTORM",
"id": "89292"
},
{
"date": "2010-05-14T20:30:01.530000",
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"date": "2010-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-44545"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004075"
},
{
"date": "2017-08-17T01:32:32.883000",
"db": "NVD",
"id": "CVE-2010-1940"
},
{
"date": "2010-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari Vulnerability in obtaining important information in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004075"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201005-235"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…