Mac OS X : Apple Safari < 4.0.5

High Nessus Plugin ID 45044

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 7.4

Synopsis

The remote host contains a web browser that is affected by several vulnerabilities.

Description

The version of Apple Safari installed on the remote Mac OS X host is earlier than 4.0.5. As such, it is potentially affected by several issues :

- An implementation issue in the handling of cookies set by RSS and Atom feeds could result in a cookie being set when visiting or updating a feed even if Safari is configured to block cookies via the 'Accept Cookies' preference. (CVE-2010-0044)

- A memory corruption issue in WebKit's handling of CSS format() arguments could lead to a crash or arbitrary code execution. (CVE-2010-0046)

- A use-after-free issue in the handling of HTML object element fallback content could lead to a crash or arbitrary code execution. (CVE-2010-0047)

- A use-after-free issue in WebKit's parsing of XML documents could lead to a crash or arbitrary code execution. (CVE-2010-0048)

- A use-after-free issue in the handling of HTML elements containing right-to-left displayed text could lead to a crash or arbitrary code execution. (CVE-2010-0049)

- A use-after-free issue in WebKit's handling of incorrectly nested HTML tags could lead to a crash or arbitrary code execution. (CVE-2010-0050)

- An implementation issue in WebKit's handling of cross- origin stylesheet requests when visiting a malicious website could result in disclosure of the content of protected resources on another website. (CVE-2010-0051)

- A use-after-free issue in WebKit's handling of callbacks for HTML elements could lead to a crash or arbitrary code execution. (CVE-2010-0052)

- A use-after-free issue in the rendering of content with a CSS display property set to 'run-in' could lead to a crash or arbitrary code execution. (CVE-2010-0053)

- A use-after-free issue in WebKit's handling of HTML image elements could lead to a crash or arbitrary code execution. (CVE-2010-0054)

Solution

Upgrade to Apple Safari 4.0.5 or later.

See Also

http://support.apple.com/kb/HT4070

http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

http://www.securityfocus.com/advisories/19255

Plugin Details

Severity: High

ID: 45044

File Name: macosx_Safari4_0_5.nasl

Version: 1.17

Type: local

Agent: macosx

Published: 2010/03/11

Updated: 2018/07/14

Dependencies: 31604

Risk Information

Risk Factor: High

VPR Score: 7.4

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:apple:safari

Required KB Items: Host/local_checks_enabled, Host/uname, Host/MacOSX/Version, MacOSX/Safari/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/03/11

Vulnerability Publication Date: 2010/03/11

Exploitable With

Core Impact

Reference Information

CVE: CVE-2010-0044, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054

BID: 38675, 38684, 38685, 38686, 38687, 38688, 38689, 38690, 38691, 38692