Mac OS X : Apple Safari < 4.0

high Nessus Plugin ID 39338

Synopsis

The remote host contains a web browser that is affected by several vulnerabilities.

Description

The version of Apple Safari installed on the remote Mac OS X host is earlier than 4.0. As such, it is potentially affected by numerous issues in the following components :

- CFNetwork
- libxml
- Safari
- WebKit

Solution

Upgrade to Apple Safari 4.0 or later.

See Also

http://support.apple.com/kb/HT3613

http://lists.apple.com/archives/security-announce/2009/Jun/msg00002.html

http://www.securityfocus.com/advisories/17079

Plugin Details

Severity: High

ID: 39338

File Name: macosx_Safari4_0.nasl

Version: 1.27

Type: local

Agent: macosx

Published: 6/9/2009

Updated: 7/14/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:apple:safari

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/uname, MacOSX/Safari/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/8/2009

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2006-2783, CVE-2008-1588, CVE-2008-2320, CVE-2008-3281, CVE-2008-3529, CVE-2008-3632, CVE-2008-4225, CVE-2008-4226, CVE-2008-4231, CVE-2008-4409, CVE-2009-1681, CVE-2009-1682, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1690, CVE-2009-1691, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1704, CVE-2009-1708, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-2420, CVE-2009-2421

BID: 35317, 35318, 35319, 35320, 35331, 35332, 35333, 35334, 35340, 35344, 35348, 35349, 35350, 35351, 30487, 31092, 32326, 33276, 35260, 35270, 35271, 35272, 35283, 35284, 35309, 35310, 35311, 35315, 35321, 35322, 35325, 35327, 35328, 35330, 35353, 35481, 35482

CWE: 119, 189, 20, 200, 255, 310, 399, 79, 94