Safari < 4.0.3 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 5125

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The version of Safari installed on the remote host is earlier than 4.0.3. Such versions are potentially affected by several issues :

- A buffer overflow exists in the handling of EXIF metadata could lead to a crash or arbitrary code execution. (CVE-2009-2188)

- A vulnerability in WebKit's parsing of floating point numbers may allow for remote code execution. (CVE-2009-2195)

- A vulnerability in Safari may let a malicious website to be promoted in Safari's Top Sites. (CVE-2009-2196)

- A vulnerability in how WebKit renders an URL with look alike characters could be used to masquerade a website. (CVE-2009-2199)

- A vulnerability in WebKit may lead to the disclosure of sensitive information. (CVE-2009-2200)

- A heap buffer overflow in CoreGraphics involving the drawing of long text strings could lead to a crash or arbitrary code execution. (CVE-2009-2468)

Solution

Upgrade to Safari 4.0.3 or later.

See Also

http://lists.apple.com/archives/security-announce/2009/aug/msg00002.html

http://www.securityfocus.com/advisories/17616

http://support.apple.com/kb/HT3733

Plugin Details

Severity: Medium

ID: 5125

File Name: 5125.prm

Family: Web Clients

Published: 2009/08/11

Modified: 2016/01/19

Dependencies: 3705

Nessus ID: 40553, 40554

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.1

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apple:safari

Patch Publication Date: 2009/08/11

Vulnerability Publication Date: 2009/08/11

Reference Information

CVE: CVE-2009-2188, CVE-2009-2195, CVE-2009-2196, CVE-2009-2199, CVE-2009-2200, CVE-2009-2468

BID: 36022, 36023, 36024, 36025, 36026

OSVDB: 56986, 56987, 56988, 56989