Mac OS X : Safari < 5.1.4 Multiple Vulnerabilities

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by several
vulnerabilities.

Description :

The version of Safari installed on the remote Mac OS X host is
earlier than 5.1.4. Thus, it is potentially affected by several
issues :

- Web page visits may be recorded in browser history even
when private browsing is active. (CVE-2012-0585)

- Multiple cross-site scripting issues existed in WebKit.
(CVE-2011-3881, CVE-2012-0586, CVE-2012-0587,
CVE-2012-0588, CVE-2012-0589)

- A cross-origin issue existed in WebKit, which may allow
cookies to be disclosed across origins. (CVE-2011-3887)

- Visiting a maliciously crafted website and dragging
content with the mouse may lead to a cross-site
scripting attack. (CVE-2012-0590)

- Multiple memory corruption issues existed in WebKit.
(CVE-2011-2825, CVE-2011-2833, CVE-2011-2846,
CVE-2011-2847, CVE-2011-2854, CVE-2011-2855,
CVE-2011-2857, CVE-2011-2860, CVE-2011-2866,
CVE-2011-2867, CVE-2011-2868, CVE-2011-2869,
CVE-2011-2870, CVE-2011-2871, CVE-2011-2872,
CVE-2011-2873, CVE-2011-2877, CVE-2011-3885,
CVE-2011-3888, CVE-2011-3897, CVE-2011-3908,
CVE-2011-3909, CVE-2011-3928, CVE-2012-0591,
CVE-2012-0592, CVE-2012-0593, CVE-2012-0594,
CVE-2012-0595, CVE-2012-0596, CVE-2012-0597,
CVE-2012-0598, CVE-2012-0599, CVE-2012-0600,
CVE-2012-0601, CVE-2012-0602, CVE-2012-0603,
CVE-2012-0604, CVE-2012-0605, CVE-2012-0606,
CVE-2012-0607, CVE-2012-0608, CVE-2012-0609,
CVE-2012-0610, CVE-2012-0611, CVE-2012-0612,
CVE-2012-0613, CVE-2012-0614, CVE-2012-0615,
CVE-2012-0616, CVE-2012-0617, CVE-2012-0618,
CVE-2012-0619, CVE-2012-0620, CVE-2012-0621,
CVE-2012-0622, CVE-2012-0623, CVE-2012-0624,
CVE-2012-0625, CVE-2012-0626, CVE-2012-0627,
CVE-2012-0628, CVE-2012-0629, CVE-2012-0630,
CVE-2012-0631, CVE-2012-0632, CVE-2012-0633,
CVE-2012-0635, CVE-2012-0636, CVE-2012-0637,
CVE-2012-0638, CVE-2012-0639, CVE-2012-0648)

- Cookies may be set by third-parties, even when Safari
is configured to block them. (CVE-2012-0640)

- If a site uses HTTP authentication and redirects to
another site, the authentication credentials may be
sent to the other site. (CVE-2012-0647)

See also :

http://www.zerodayinitiative.com/advisories/ZDI-12-147/
http://archives.neohapsis.com/archives/fulldisclosure/2012-08/0267.html
http://support.apple.com/kb/HT5190
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html

Solution :

Upgrade to Safari 5.1.4 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false