Apple Safari 3.2.3 does not properly implement the file: protocol handler, which allows remote attackers to read arbitrary files or cause a denial of service (launch of multiple Windows Explorer instances) via vectors involving an unspecified HTML tag, possibly a related issue to CVE-2009-1703.
http://www.securityfocus.com/archive/1/504480/100/0/threaded
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
39339 | Safari < 4.0 Multiple Vulnerabilities | Nessus | Windows | high |
39338 | Mac OS X : Apple Safari < 4.0 | Nessus | MacOS X Local Security Checks | high |
5046 | Safari < 4.0 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high |
800993 | Safari < 4.0 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |