Safari < 3.1.1 Multiple Vulnerabilities
High Nessus Plugin ID 31993
SynopsisThe remote host contains a web browser that is affected by several issues.
DescriptionThe version of Safari installed on the remote host reportedly is affected by several issues :
- A malicious website can spoof window titles and URL bars (CVE-2007-2398).
- A memory corruption issue in the file downloading capability could lead to a crash or arbitrary code execution (CVE-2008-1024).
- A cross-site scripting vulnerability exists in WebKit's handling of URLs that contain a colon character in the host name (CVE-2008-1025).
SolutionUpgrade to Safari 3.1.1 or later.