Safari < 3.2.2 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 4932
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

The version of Safari installed on the remote Windows host is earlier than 3.2.2. Such versions reportedly have multiple vulnerabilities :

- Multiple input validation issues in their handling of 'feed: ' URLs, which could be abused to execute arbitrary JavaScript code in the local security zone. (CVE-2009-0137)

- A cached certificate is not required before displaying a lock icon for a HTTPS web site. This allows a man-in-the-middle attacker to present the user with spoofed web pages over HTTPS that appear to be from a legitimate source. (CVE-2009-2072)

- The browser processes a 3xxx HTTP CONNECT before a successful SSL handshake, which could allow a man-in-the-midddle attacker to execute arbitrary script code in the context of a HTTPS site. (CVE-2009-2062)

Solution

Upgrade to version 3.2.2 or higher.

See Also

http://research.microsoft.com/apps/pubs/default.aspx?id=79323

http://lists.apple.com/archives/security-announce/2009/feb/msg00001.html

http://support.apple.com/kb/ht3439

Plugin Details

Severity: High

ID: 4932

Family: Web Clients

Published: 2/16/2009

Updated: 3/6/2019

Dependencies: 3705

Nessus ID: 35687

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Reference Information

CVE: CVE-2009-0137, CVE-2009-2061, CVE-2009-2062, CVE-2009-2063, CVE-2009-2069, CVE-2009-2070, CVE-2009-2072, CVE-2009-2071, CVE-2009-0123

BID: 35411, 35412, 33234