Safari < 3.2.2 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 4932

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

The version of Safari installed on the remote Windows host is earlier than 3.2.2. Such versions reportedly have multiple vulnerabilities :

- Multiple input validation issues in their handling of 'feed: ' URLs, which could be abused to execute arbitrary JavaScript code in the local security zone. (CVE-2009-0137)

- A cached certificate is not required before displaying a lock icon for a HTTPS web site. This allows a man-in-the-middle attacker to present the user with spoofed web pages over HTTPS that appear to be from a legitimate source. (CVE-2009-2072)

- The browser processes a 3xxx HTTP CONNECT before a successful SSL handshake, which could allow a man-in-the-midddle attacker to execute arbitrary script code in the context of a HTTPS site. (CVE-2009-2062)

Solution

Upgrade to version 3.2.2 or higher.

See Also

http://research.microsoft.com/apps/pubs/default.aspx?id=79323

http://lists.apple.com/archives/security-announce/2009/feb/msg00001.html

http://support.apple.com/kb/ht3439

Plugin Details

Severity: High

ID: 4932

Family: Web Clients

Published: 2009/02/16

Modified: 2018/09/16

Dependencies: 3705

Nessus ID: 35687

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apple:safari

Reference Information

CVE: CVE-2009-0123, CVE-2009-2061, CVE-2009-2063, CVE-2009-2069, CVE-2009-2070, CVE-2009-2071, CVE-2009-0137, CVE-2009-2062, CVE-2009-2072

BID: 33234, 35411, 35412