Safari < 3.2.2 Multiple Vulnerabilities
High Log Correlation Engine Plugin ID 801011
SynopsisThe remote host contains a web browser that is vulnerable to multiple attack vectors.
DescriptionThe version of Safari installed on the remote Windows host is earlier than 3.2.2. Such versions reportedly have multiple vulnerabilities :
- A cached certificate is not required before displaying a lock icon for a HTTPS web site. This allows a man-in-the-middle attacker to present the user with spoofed web pages over HTTPS that appear to be from a legitimate source. (CVE-2009-2072)
- The browser processes a 3xxx HTTP CONNECT before a successful SSL handshake, which could allow a man-in-the-midddle attacker to execute arbitrary script code in the context of a HTTPS site. (CVE-2009-2062)
SolutionUpgrade to version 3.2.2 or higher.