Safari < 3.2.3 Multiple Vulnerabilities
High Nessus Plugin ID 38745
Synopsis
The remote host contains a web browser that is affected by several vulnerabilities.
Description
The version of Safari installed on the remote Windows host is earlier than 3.2.3. Such versions are potentially affected by several issues:
- A heap-based buffer overflow issue in the libxml library when handling long entity names could lead to a crash or arbitrary code execution. (CVE-2008-3529)
- A memory corruption issue in WebKit's handling of SVGList objects could lead to arbitrary code execution.
- The browser uses the HTTP Host header to determine the context of a 4xx/5xx CONNECT response from a proxy server. This could allow a man-in-the-middle attacker to execute arbitrary script code in the context of a legitimate server, circumventing the browser's same-origin policy. (CVE-2009-2058)
Solution
Upgrade to Safari 3.2.3 or later.
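The check this plugin performs amounts to "installed version is earlier than 3.2.3". The following is an added example of that comparison, not the Nessus plugin's own code: it assumes the installed version string has already been read from the host (for instance from the Safari executable's file version) and shows why the comparison must be done per numeric component rather than as plain string comparison, where "3.2.10" would wrongly sort before "3.2.3".

```python
"""Dotted-version comparison for a 'version < 3.2.3' style check.

Added example, not Nessus plugin code. The installed version string is
assumed to be obtained elsewhere and passed in here.
"""
import re

FIXED_VERSION = "3.2.3"  # fixed version stated in the advisory


def parse_version(v: str) -> tuple:
    """Split '3.2.3' into (3, 2, 3).

    Non-numeric suffixes such as '3.1.2b' are tolerated: only the leading
    digits of each component are used, and a component with no digits
    counts as 0.
    """
    parts = []
    for piece in v.strip().split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group(0)) if m else 0)
    return tuple(parts)


def version_lt(a: str, b: str) -> bool:
    """True if version a is numerically earlier than version b.

    Shorter versions are right-padded with zeros, so '3.2' compares as
    '3.2.0'. Components compare as integers, so '3.2.10' is not earlier
    than '3.2.3' (a naive string comparison would get this wrong).
    """
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    pa += (0,) * (width - len(pa))
    pb += (0,) * (width - len(pb))
    return pa < pb


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """Report whether an installed Safari version is below the fixed one."""
    return version_lt(installed, fixed)


if __name__ == "__main__":
    # Constructed sample versions to illustrate the boundary cases.
    for v in ["3.1.2", "3.2.2", "3.2.3", "3.2.10", "4.0"]:
        print(f"Safari {v}: {'affected' if is_affected(v) else 'not affected'}")
```

Note that the plugin's fix condition is "3.2.3 or later", so 3.2.3 itself must not be flagged; the boundary is tested by the `is_affected("3.2.3")` case, and the multi-digit component case by `3.2.10`.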