Safari < 4.1.1 / 5.0.1 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 5617
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

The remote host has Safari installed.

Versions of Safari earlier than 4.1.1 / 5.0.1 are potentially affected by multiple vulnerabilities :

- Safari's AutoFill feature may disclose information to websites without user interaction. (CVE-2010-1796)

- A use after free issue exists in WebKit's handling of element focus may lead to an application crash or arbitrary code execution. (CVE-2010-1780)

- A memory corruption issue exists in WebKit's rendering of inline elements . (CVE-2010-1782)

- A memory corruption issue exists in WebKit's handling of dynamic modifications to text nodes .

- A memory corruption issue exists in WebKit's handling of CSS counters . (CVE-2010-1784)

- An uninitialized memory access issue exists in WebKit's handling of the ':first-letter' and ':first-line' pseudo-elements in SVG text elements . (CVE-2010-1785)

- A use after free issue exists in WebKit's handling of foreignObject elements in SVG documents. (CVE-2010-1786)

- A memory corruption issue exists in WebKit's handling of floating elements in SVG documents. (CVE-2010-1787)

- A memory corruption issue exists in WebKit's handling of 'use' elements in SVG documents. (CVE-2010-1788)

- A heap buffer overflow exist sin WebKit's handling of JavaScript string objects. (CVE-2010-1789)

- A re-entrancy issue exists in WebKit's handling of just-in-time compiled JavaScript stubs. (CVE-2010-1790)

- A signedness issue exists in WebKit's handling of JavaScript arrays. (CVE-2010-1791)

- A memory corruption issue exists in WebKit's handling of regular expressions. (CVE-2010-1792)

- A use after free issue exists in WebKit's handling of 'font-face' and 'use' elements in SVG documents. (CVE-2010-1793)

Solution

Upgrade to Safari 4.1.1, 5.0.1, or later.

See Also

http://support.apple.com/kb/HT4276

http://lists.apple.com/archives/security-announce/2010/Jul/msg00001.html

Plugin Details

Severity: High

ID: 5617

Family: Web Clients

Published: 7/28/2010

Updated: 3/6/2019

Dependencies: 3705

Nessus ID: 47887, 47888

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Patch Publication Date: 7/28/2010

Vulnerability Publication Date: 7/28/2010

Reference Information

CVE: CVE-2010-1780, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1790, CVE-2010-1792, CVE-2010-1793, CVE-2010-1778, CVE-2010-1796, CVE-2010-1789, CVE-2010-1791

BID: 42034, 42035, 42036, 42037, 42038, 42041, 42042, 42043, 42044, 42046, 42049, 41884, 42039, 42045, 42048