ID CVE-2010-1789 Type cve Reporter cve@mitre.org Modified 2017-09-19T01:30:00
Description
Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object.
{"id": "CVE-2010-1789", "bulletinFamily": "NVD", "title": "CVE-2010-1789", "description": "Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object.", "published": "2010-07-30T20:30:00", "modified": "2017-09-19T01:30:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1789", "reporter": "cve@mitre.org", "references": ["https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11524", "http://secunia.com/advisories/43068", "http://support.apple.com/kb/HT4456", "http://support.apple.com/kb/HT4276", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html", "http://www.securityfocus.com/bid/42020", "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html", "http://www.vupen.com/english/advisories/2010/3046", "http://www.vupen.com/english/advisories/2011/0212", "http://secunia.com/advisories/42314"], "cvelist": ["CVE-2010-1789"], "type": "cve", "lastseen": "2020-12-09T19:34:39", "edition": 5, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["SUSE_11_2_LIBWEBKIT-110111.NASL", "SUSE_11_3_LIBWEBKIT-110104.NASL", "ITUNES_10_0_BANNER.NASL", "ITUNES_10_0.NASL", "SAFARI_5_0_1.NASL", "MACOSX_SAFARI5_0_1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310901138", "OPENVAS:901138"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11040", "SECURITYVULNS:DOC:24396"]}], "modified": "2020-12-09T19:34:39", "rev": 2}, "score": {"value": 8.3, "vector": "NONE", "modified": "2020-12-09T19:34:39", "rev": 2}, "vulnersScore": 8.3}, "cpe": ["cpe:/a:apple:safari:5.0", "cpe:/a:apple:safari:4.0.1", "cpe:/a:apple:safari:4.0.5", "cpe:/a:apple:safari:4.1", "cpe:/a:apple:safari:4.0.2", "cpe:/a:apple:webkit:*", "cpe:/a:apple:safari:4.0", "cpe:/a:apple:safari:4.0.4", "cpe:/a:apple:safari:4.0.3", "cpe:/a:apple:safari:4.0.0b"], "affectedSoftware": [{"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.1"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.1"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0"}, {"cpeName": "apple:webkit", "name": "apple webkit", "operator": "eq", "version": "*"}, {"cpeName": "apple:webkit", "name": "apple webkit", "operator": "eq", "version": "*"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.5"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.5"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.4"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.4"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.0b"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.0b"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.3"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.3"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "le", "version": "4.1"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.2"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "eq", "version": "4.0.2"}, {"cpeName": "apple:safari", "name": "apple safari", "operator": "le", "version": "5.0"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*"], "cwe": ["CWE-119"], "scheme": null, "affectedConfiguration": [{"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.7"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.6.1"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.6.3"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.3"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.9"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.6"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.6.0"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.7"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.4"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.10"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.3"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.8"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.8"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.2"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.11"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.2"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.6.1"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.1"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.7"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.2"}, {"cpeName": "microsoft:windows_7", "name": "microsoft windows 7", "operator": "eq", "version": "*"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.9"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.1"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.4"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.6.4"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.10"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.0"}, {"cpeName": "microsoft:windows_xp", "name": "microsoft windows xp", "operator": "eq", "version": "*"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.11"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.6.0"}, {"cpeName": "microsoft:windows_vista", "name": "microsoft windows vista", "operator": "eq", "version": "*"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.7"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.0"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.1"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.0"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.1"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.5"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.5"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.6.4"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.5"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.0"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.5"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.3"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.6.2"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.8"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.3"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.6"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.6"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.5.4"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.6.2"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.6.3"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.4"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.5.8"}, {"cpeName": "apple:mac_os_x_server", "name": "apple mac os x server", "operator": "eq", "version": "10.4.2"}, {"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "10.4.6"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "versionEndIncluding": "4.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}]}}
{"nessus": [{"lastseen": "2021-01-01T03:16:41", "description": "The version of Apple iTunes installed on the remote Windows host is\nolder than 10.0. Such versions are affected by numerous issues in the\nWebKit component.", "edition": 24, "published": "2010-09-02T00:00:00", "title": "Apple iTunes < 10.0 Multiple (credentialed check)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1789", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_10_0.NASL", "href": "https://www.tenable.com/plugins/nessus/49086", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(49086);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\n \"CVE-2010-1780\",\n \"CVE-2010-1782\",\n \"CVE-2010-1783\",\n \"CVE-2010-1784\",\n \"CVE-2010-1785\",\n \"CVE-2010-1786\",\n \"CVE-2010-1787\",\n \"CVE-2010-1788\",\n \"CVE-2010-1789\", \n \"CVE-2010-1790\",\n \"CVE-2010-1791\",\n \"CVE-2010-1792\",\n \"CVE-2010-1793\"\n );\n script_bugtraq_id(\n 42034,\n 42035, \n 42036,\n 42037,\n 42038,\n 42041, \n 42042, \n 42043,\n 42044,\n 42045, \n 42046,\n 42048,\n 42049\n );\n\n script_name(english:\"Apple iTunes < 10.0 Multiple (credentialed check)\");\n script_summary(english:\"Checks version of iTunes on Windows\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains an application that has multiple\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Apple iTunes installed on the remote Windows host is\nolder than 10.0. Such versions are affected by numerous issues in the\nWebKit component.\");\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://support.apple.com/en-us/HT202104\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://lists.apple.com/archives/security-announce/2010/Sep/msg00000.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 10.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/02\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"SMB/iTunes/Version\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nversion = get_kb_item_or_exit(\"SMB/iTunes/Version\");\nfixed_version = \"10.0.0.68\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n if (report_verbosity > 0)\n {\n path = get_kb_item(\"SMB/iTunes/Path\");\n if (isnull(path)) path = 'n/a';\n\n report =\n '\\n Path : '+path+\n '\\n Installed version : '+version+\n '\\n Fixed version : '+fixed_version+'\\n';\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\nelse exit(0, \"The host is not affected since iTunes \"+version+\" is installed.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:16:41", "description": "The version of Apple iTunes on the remote host is prior to version\n10.0. It is, therefore, affected by multiple vulnerabilities in the\nWebKit component. Note that these only affect WebKit for Windows.", "edition": 24, "published": "2010-09-02T00:00:00", "title": "Apple iTunes < 10.0 Multiple Vulnerabilities (uncredentialed check)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1789", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_10_0_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/49087", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(49087);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\n \"CVE-2010-1780\",\n \"CVE-2010-1782\",\n \"CVE-2010-1783\",\n \"CVE-2010-1784\",\n \"CVE-2010-1785\",\n \"CVE-2010-1786\",\n \"CVE-2010-1787\",\n \"CVE-2010-1788\",\n \"CVE-2010-1789\",\n \"CVE-2010-1790\",\n \"CVE-2010-1791\",\n \"CVE-2010-1792\",\n \"CVE-2010-1793\"\n );\n script_bugtraq_id(\n 42034,\n 42035,\n 42036,\n 42037,\n 42038,\n 42041,\n 42042,\n 42043,\n 42044,\n 42045,\n 42046,\n 42048,\n 42049\n );\n\n script_name(english:\"Apple iTunes < 10.0 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a multimedia application that has multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes on the remote host is prior to version\n10.0. It is, therefore, affected by multiple vulnerabilities in the\nWebKit component. Note that these only affect WebKit for Windows.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT202104\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.apple.com/archives/security-announce/2010/Sep/msg00000.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 10.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"10.0\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:31:21", "description": "The version of Safari installed on the remote Windows host is earlier\nthan 5.0.1. Such versions are potentially affected by numerous \nissues in the following components :\n\n - Safari\n\n - WebKit", "edition": 23, "published": "2010-07-28T00:00:00", "title": "Safari < 5.0.1 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1789", "CVE-2010-1796", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1778", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "SAFARI_5_0_1.NASL", "href": "https://www.tenable.com/plugins/nessus/47888", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (NASL_LEVEL < 3000) exit(1);\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(47888);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n\n script_cve_id(\n \"CVE-2010-1778\",\n \"CVE-2010-1780\",\n \"CVE-2010-1782\",\n \"CVE-2010-1783\",\n \"CVE-2010-1784\",\n \"CVE-2010-1785\",\n \"CVE-2010-1786\",\n \"CVE-2010-1787\",\n \"CVE-2010-1788\",\n \"CVE-2010-1789\",\n \"CVE-2010-1790\",\n \"CVE-2010-1791\",\n \"CVE-2010-1792\",\n \"CVE-2010-1793\",\n \"CVE-2010-1796\"\n );\n script_bugtraq_id(\n 41884,\n 42034,\n 42035, \n 42036,\n 42037,\n 42038,\n 42039,\n 42041,\n 42042,\n 42043,\n 42044,\n 42045,\n 42046,\n 42048,\n 42049\n );\n\n script_name(english:\"Safari < 5.0.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks Safari's version number\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Safari installed on the remote Windows host is earlier\nthan 5.0.1. Such versions are potentially affected by numerous \nissues in the following components :\n\n - Safari\n\n - WebKit\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4276\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Jul/msg00001.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Safari 5.0.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/28\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"safari_installed.nasl\");\n script_require_keys(\"SMB/Safari/FileVersion\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\npath = get_kb_item(\"SMB/Safari/Path\");\nversion = get_kb_item(\"SMB/Safari/FileVersion\");\nif (isnull(version)) exit(1, \"The 'SMB/Safari/FileVersion' KB item is missing.\");\n\nversion_ui = get_kb_item(\"SMB/Safari/ProductVersion\");\nif (isnull(version_ui)) version_ui = version;\n\nif (ver_compare(ver:version, fix:\"5.33.17.8\") == -1)\n{\n if (report_verbosity > 0)\n {\n if (isnull(path)) path = \"n/a\";\n\n report = \n '\\n Path : ' + path + \n '\\n Installed version : ' + version_ui + \n '\\n Fixed version : 5.0.1\\n';\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\nelse exit(0, \"The remote host is not affected since Safari \" + version_ui + \" is installed.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:24:20", "description": "The version of Apple Safari installed on the remote Mac OS X host is\nearlier than 5.0.1 / 4.1.1. As such, it is potentially affected by\nnumerous issues in the following components :\n\n - Safari\n\n - WebKit", "edition": 23, "published": "2010-07-28T00:00:00", "title": "Mac OS X : Apple Safari < 5.0.1 / 4.1.1", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1789", "CVE-2010-1796", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1778", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI5_0_1.NASL", "href": "https://www.tenable.com/plugins/nessus/47887", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47887);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2010-1778\",\n \"CVE-2010-1780\",\n \"CVE-2010-1782\",\n \"CVE-2010-1783\",\n \"CVE-2010-1784\",\n \"CVE-2010-1785\",\n \"CVE-2010-1786\",\n \"CVE-2010-1787\",\n \"CVE-2010-1788\",\n \"CVE-2010-1789\",\n \"CVE-2010-1790\",\n \"CVE-2010-1791\",\n \"CVE-2010-1792\",\n \"CVE-2010-1793\",\n \"CVE-2010-1796\"\n );\n script_bugtraq_id(\n 41884,\n 42034,\n 42035, \n 42036,\n 42037,\n 42038,\n 42039,\n 42041,\n 42042,\n 42043,\n 42044,\n 42045,\n 42046,\n 42048,\n 42049\n );\n\n script_name(english:\"Mac OS X : Apple Safari < 5.0.1 / 4.1.1\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nearlier than 5.0.1 / 4.1.1. As such, it is potentially affected by\nnumerous issues in the following components :\n\n - Safari\n\n - WebKit\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4276\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Jul/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Apple Safari 5.0.1 / 4.1.1 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n \n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/uname\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nuname = get_kb_item_or_exit(\"Host/uname\");\nif (!egrep(pattern:\"Darwin.* (8\\.|9\\.[0-8]\\.|10\\.)\", string:uname)) audit(AUDIT_OS_NOT, \"Mac OS X 10.4 / 10.5 / 10.6\");\n\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nif (egrep(pattern:\"Darwin.* 8\\.\", string:uname)) fixed_version = \"4.1.1\";\nelse fixed_version = \"5.0.1\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Installed version : ' + version + \n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Safari\", version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:54:00", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "edition": 25, "published": "2011-05-05T00:00:00", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0049", "CVE-2010-1813", "CVE-2009-1698", "CVE-2010-0052", "CVE-2010-0315", "CVE-2010-1412", "CVE-2010-3808", "CVE-2009-1691", "CVE-2010-3810", "CVE-2010-1397", "CVE-2009-2419", "CVE-2010-1416", "CVE-2010-1396", "CVE-2010-1417", "CVE-2010-3257", "CVE-2010-1823", "CVE-2010-1789", "CVE-2009-2199", "CVE-2010-1757", "CVE-2010-1409", "CVE-2009-1712", "CVE-2010-0046", "CVE-2010-0651", "CVE-2010-1760", "CVE-2010-0054", "CVE-2010-3809", "CVE-2010-1783", "CVE-2010-3900", "CVE-2009-2200", "CVE-2009-2841", "CVE-2010-3812", "CVE-2009-1695", "CVE-2010-2301", "CVE-2010-3816", "CVE-2009-1718", "CVE-2010-2300", "CVE-2009-1685", "CVE-2010-1749", "CVE-2010-1758", "CVE-2010-1787", "CVE-2010-1771", "CVE-2009-2797", "CVE-2010-1410", "CVE-2010-1807", "CVE-2010-3116", "CVE-2010-0048", "CVE-2010-1415", "CVE-2010-1769", "CVE-2010-3312", "CVE-2010-3818", "CVE-2009-1709", "CVE-2010-1419", "CVE-2010-1407", "CVE-2010-2297", "CVE-2010-1780", "CVE-2010-1766", "CVE-2010-1772", "CVE-2010-3817", "CVE-2010-1389", "CVE-2010-1391", "CVE-2009-1700", "CVE-2009-1684", "CVE-2010-3803", "CVE-2010-1763", "CVE-2009-1725", "CVE-2010-1387", "CVE-2010-3829", "CVE-2010-3824", "CVE-2010-1126", "CVE-2010-1759", "CVE-2010-3811", "CVE-2009-1696", "CVE-2010-0650", "CVE-2009-1703", "CVE-2010-1388", "CVE-2010-0659", "CVE-2010-1786", "CVE-2010-1773", "CVE-2009-3934", "CVE-2010-1729", "CVE-2010-1785", "CVE-2010-1029", "CVE-2009-1689", "CVE-2010-3820", "CVE-2010-1774", "CVE-2010-1395", "CVE-2010-1400", "CVE-2009-1688", "CVE-2009-0945", "CVE-2010-2264", "CVE-2009-1713", "CVE-2010-1406", "CVE-2010-1418", "CVE-2010-3826", "CVE-2010-2302", "CVE-2010-1398", "CVE-2010-1790", "CVE-2009-1711", "CVE-2009-1692", "CVE-2009-1681", "CVE-2010-1401", "CVE-2010-1788", "CVE-2010-3822", "CVE-2010-1413", "CVE-2010-1781", "CVE-2009-1690", "CVE-2010-3805", "CVE-2010-1815", "CVE-2010-1408", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1761", "CVE-2010-1782", "CVE-2010-1814", "CVE-2010-1792", "CVE-2009-1724", "CVE-2010-1422", "CVE-2010-3819", "CVE-2010-1390", "CVE-2010-1767", "CVE-2010-3259", "CVE-2010-1236", "CVE-2010-2441", "CVE-2009-2816", "CVE-2010-0656", "CVE-2009-2195", "CVE-2010-1812", "CVE-2009-3384", "CVE-2009-1687", "CVE-2010-1393", "CVE-2010-1791", "CVE-2010-1770", "CVE-2010-1392", "CVE-2010-1825", "CVE-2010-0647", "CVE-2009-3933", "CVE-2010-1822", "CVE-2009-1699", "CVE-2010-1784", "CVE-2010-1824", "CVE-2010-1233", "CVE-2009-1701", "CVE-2010-0053", "CVE-2009-1715", "CVE-2010-3804", "CVE-2010-0047", "CVE-2009-1714", "CVE-2010-0051", "CVE-2010-1402", "CVE-2010-4040", "CVE-2010-1762", "CVE-2009-1694", "CVE-2010-0050", "CVE-2009-1702", "CVE-2010-1386", "CVE-2010-3821", "CVE-2009-1710", "CVE-2009-3272", "CVE-2010-3813", "CVE-2009-1686", "CVE-2010-1764", "CVE-2010-1405", "CVE-2010-1414", "CVE-2010-3823", "CVE-2009-1693", "CVE-2010-1421", "CVE-2010-2295", "CVE-2010-1394", "CVE-2010-1399", "CVE-2010-0661", "CVE-2010-1793", "CVE-2009-1697"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "p-cpe:/a:novell:opensuse:webkit-jsc"], "id": "SUSE_11_2_LIBWEBKIT-110111.NASL", "href": "https://www.tenable.com/plugins/nessus/53764", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53764);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/25 13:36:41\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-1_0-2-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-devel-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-lang-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"webkit-jsc-1.2.6-0.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-devel / libwebkit-lang / webkit-jsc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:55:28", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "edition": 25, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0049", "CVE-2010-1813", "CVE-2009-1698", "CVE-2010-0052", "CVE-2010-0315", "CVE-2010-1412", "CVE-2010-3808", "CVE-2009-1691", "CVE-2010-3810", "CVE-2010-1397", "CVE-2009-2419", "CVE-2010-1416", "CVE-2010-1396", "CVE-2010-1417", "CVE-2010-3257", "CVE-2010-1823", "CVE-2010-1789", "CVE-2009-2199", "CVE-2010-1757", "CVE-2010-1409", "CVE-2009-1712", "CVE-2010-0046", "CVE-2010-0651", "CVE-2010-1760", "CVE-2010-0054", "CVE-2010-3809", "CVE-2010-1783", "CVE-2010-3900", "CVE-2009-2200", "CVE-2009-2841", "CVE-2010-3812", "CVE-2009-1695", "CVE-2010-2301", "CVE-2010-3816", "CVE-2009-1718", "CVE-2010-2300", "CVE-2009-1685", "CVE-2010-1749", "CVE-2010-1758", "CVE-2010-1787", "CVE-2010-1771", "CVE-2009-2797", "CVE-2010-1410", "CVE-2010-1807", "CVE-2010-3116", "CVE-2010-0048", "CVE-2010-1415", "CVE-2010-1769", "CVE-2010-3312", "CVE-2010-3818", "CVE-2009-1709", "CVE-2010-1419", "CVE-2010-1407", "CVE-2010-2297", "CVE-2010-1780", "CVE-2010-1766", "CVE-2010-1772", "CVE-2010-3817", "CVE-2010-1389", "CVE-2010-1391", "CVE-2009-1700", "CVE-2009-1684", "CVE-2010-3803", "CVE-2010-1763", "CVE-2009-1725", "CVE-2010-1387", "CVE-2010-3829", "CVE-2010-3824", "CVE-2010-1126", "CVE-2010-1759", "CVE-2010-3811", "CVE-2009-1696", "CVE-2010-0650", "CVE-2009-1703", "CVE-2010-1388", "CVE-2010-0659", "CVE-2010-1786", "CVE-2010-1773", "CVE-2009-3934", "CVE-2010-1729", "CVE-2010-1785", "CVE-2010-1029", "CVE-2009-1689", "CVE-2010-3820", "CVE-2010-1774", "CVE-2010-1395", "CVE-2010-1400", "CVE-2009-1688", "CVE-2009-0945", "CVE-2010-2264", "CVE-2009-1713", "CVE-2010-1406", "CVE-2010-1418", "CVE-2010-3826", "CVE-2010-2302", "CVE-2010-1398", "CVE-2010-1790", "CVE-2009-1711", "CVE-2009-1692", "CVE-2009-1681", "CVE-2010-1401", "CVE-2010-1788", "CVE-2010-3822", "CVE-2010-1413", "CVE-2010-1781", "CVE-2009-1690", "CVE-2010-3805", "CVE-2010-1815", "CVE-2010-1408", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1761", "CVE-2010-1782", "CVE-2010-1814", "CVE-2010-1792", "CVE-2009-1724", "CVE-2010-1422", "CVE-2010-3819", "CVE-2010-1390", "CVE-2010-1767", "CVE-2010-3259", "CVE-2010-1236", "CVE-2010-2441", "CVE-2009-2816", "CVE-2010-0656", "CVE-2009-2195", "CVE-2010-1812", "CVE-2009-3384", "CVE-2009-1687", "CVE-2010-1393", "CVE-2010-1791", "CVE-2010-1770", "CVE-2010-1392", "CVE-2010-1825", "CVE-2010-0647", "CVE-2009-3933", "CVE-2010-1822", "CVE-2009-1699", "CVE-2010-1784", "CVE-2010-1824", "CVE-2010-1233", "CVE-2009-1701", "CVE-2010-0053", "CVE-2009-1715", "CVE-2010-3804", "CVE-2010-0047", "CVE-2009-1714", "CVE-2010-0051", "CVE-2010-1402", "CVE-2010-4040", "CVE-2010-1762", "CVE-2009-1694", "CVE-2010-0050", "CVE-2009-1702", "CVE-2010-1386", "CVE-2010-3821", "CVE-2009-1710", "CVE-2009-3272", "CVE-2010-3813", "CVE-2009-1686", "CVE-2010-1764", "CVE-2010-1405", "CVE-2010-1414", "CVE-2010-3823", "CVE-2009-1693", "CVE-2010-1421", "CVE-2010-2295", "CVE-2010-1394", "CVE-2010-1399", "CVE-2010-0661", "CVE-2010-1793", "CVE-2009-1697"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "cpe:/o:novell:opensuse:11.3", "p-cpe:/a:novell:opensuse:webkit-jsc", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit"], "id": "SUSE_11_3_LIBWEBKIT-110104.NASL", "href": "https://www.tenable.com/plugins/nessus/75629", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75629);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/25 13:36:41\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-1_0-2-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-devel-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-lang-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"webkit-jsc-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libwebkit-1_0-2-32bit-1.2.6-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-1_0-2-32bit / libwebkit-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-03-03T21:01:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1789", "CVE-2010-1796", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1778", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "description": "This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.", "modified": "2020-02-28T00:00:00", "published": "2010-08-02T00:00:00", "id": "OPENVAS:1361412562310901138", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310901138", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities - July 10", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities - July 10\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.901138\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-08-02 12:38:17 +0200 (Mon, 02 Aug 2010)\");\n script_bugtraq_id(42020);\n script_cve_id(\"CVE-2010-1778\", \"CVE-2010-1780\", \"CVE-2010-1783\", \"CVE-2010-1782\",\n \"CVE-2010-1785\", \"CVE-2010-1784\", \"CVE-2010-1786\", \"CVE-2010-1788\",\n \"CVE-2010-1787\", \"CVE-2010-1790\", \"CVE-2010-1789\", \"CVE-2010-1792\",\n \"CVE-2010-1791\", \"CVE-2010-1793\", \"CVE-2010-1796\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Apple Safari Multiple Vulnerabilities - July 10\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT4276\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2010/Jul/msg00001.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_mandatory_keys(\"AppleSafari/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation may results in information disclosure, remote code\n execution, denial of service, or other consequences.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari version prior to 5.0.1 (5.33.17.8) on Windows.\");\n\n script_tag(name:\"insight\", value:\"For more information about vulnerabilities on Apple Safari, go through the\n links mentioned in references.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 5.0.1 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"5.33.17.8\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"Safari 5.0.1 (5.33.17.8)\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1789", "CVE-2010-1796", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1778", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "description": "This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.", "modified": "2017-02-22T00:00:00", "published": "2010-08-02T00:00:00", "id": "OPENVAS:901138", "href": "http://plugins.openvas.org/nasl.php?oid=901138", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities - July 10", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_apple_safari_mult_vuln_jul10.nasl 5394 2017-02-22 09:22:42Z teissa $\n#\n# Apple Safari Multiple Vulnerabilities - July 10\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation may results in information disclosure, remote code\n execution, denial of service, or other consequences.\n Impact Level: Application\";\ntag_affected = \"Apple Safari version prior to 5.0.1 (5.33.17.8) on Windows.\";\ntag_insight = \"For more information about vulnerabilities on Apple Safari, go through the\n links mentioned in references.\";\ntag_solution = \"Upgrade to Apple Safari version 5.0.1 or later,\n For updates refer to http://www.apple.com/support/downloads\";\ntag_summary = \"This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(901138);\n script_version(\"$Revision: 5394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-02 12:38:17 +0200 (Mon, 02 Aug 2010)\");\n script_bugtraq_id(42020);\n script_cve_id(\"CVE-2010-1778\",\"CVE-2010-1780\",\"CVE-2010-1783\",\"CVE-2010-1782\",\n \"CVE-2010-1785\",\"CVE-2010-1784\",\"CVE-2010-1786\",\"CVE-2010-1788\",\n \"CVE-2010-1787\",\"CVE-2010-1790\",\"CVE-2010-1789\",\"CVE-2010-1792\",\n \"CVE-2010-1791\",\"CVE-2010-1793\",\"CVE-2010-1796\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Apple Safari Multiple Vulnerabilities - July 10\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT4276\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2010/Jul/msg00001.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_require_keys(\"AppleSafari/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get Apple Safari version from KB\nsafariVer = get_kb_item(\"AppleSafari/Version\");\nif(!safariVer){\n exit(0);\n}\n\n## Check for Apple Safari Version prior to 5.0.1 (5.33.17.8).\nif(version_is_less(version:safariVer, test_version:\"5.33.17.8\")) {\n security_message(0);\n}\n\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:36", "bulletinFamily": "software", "cvelist": ["CVE-2010-1789", "CVE-2010-1796", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1778", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "description": "About the security content of Safari 5.0.1 and Safari 4.1.1\r\n\r\n * Last Modified: July 28, 2010\r\n * Article: HT4276\r\n\r\n\r\nSummary\r\n\r\nThis document describes the security content of Safari 5.0.1 and Safari 4.1.1.\r\n\r\nFor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.\r\n\r\nFor information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."\r\n\r\nWhere possible, CVE IDs are used to reference the vulnerabilities for further information.\r\n\r\nTo learn about other Security Updates, see "Apple Security Updates."\r\nProducts Affected\r\n\r\nProduct Security, Safari 4 (Mac OS X 10.4), Safari 5 (Windows), Safari 5 (Mac OS X 10.6), Safari 5 (Mac OS X 10.5)\r\nSafari 5.0.1 and Safari 4.1.1\r\n\r\n *\r\n\r\n Safari\r\n\r\n CVE-ID: CVE-2010-1778\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Accessing a maliciously crafted RSS feed may cause files from the user's system to be sent to a remote server\r\n\r\n Description: A cross-site scripting issue exists in Safari's handling of RSS feeds. Accessing a maliciously crafted RSS feed may cause files from the user's system to be sent to a remote server. This issue is addressed through improved handling of RSS feeds. Credit to Billy Rios of the Google Security Team for reporting this issue.\r\n\r\n *\r\n\r\n Safari\r\n\r\n CVE-ID: CVE-2010-1796\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Safari's AutoFill feature may disclose information to websites without user interaction\r\n\r\n Description: Safari's AutoFill feature can automatically fill out web forms using designated information in your Mac OS X Address Book, Outlook, or Windows Address Book. By design, user action is required for AutoFill to operate within a web form. An implementation issue exists that allows a maliciously crafted website to trigger AutoFill without user interaction. This can result in the disclosure of information contained within the user's Address Book Card. To trigger the issue, the following two situations are required. First, in Safari Preferences, under AutoFill, the "Autofill web forms using info from my Address Book card" checkbox must be selected. Second, the user's Address Book must have a Card designated as "My Card". Only the information in that specific card is accessed via AutoFill. This issue is addressed by prohibiting AutoFill from using information without user action. Devices running iOS are not affected. Credit to Jeremiah Grossman of WhiteHat Security for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1780\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A use after free issue exists in WebKit's handling of element focus. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of element focus. Credit to Tony Chang of Google, Inc. for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1782\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's rendering of inline elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to wushi of team509 for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1783\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of dynamic modifications to text nodes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1784\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of CSS counters. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. Credit to wushi of team509, working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1785\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An uninitialized memory access issue exists in WebKit's handling of the :first-letter and :first-line pseudo-elements in SVG text elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by not rendering :first-letter or :first-line pseudo-elements in SVG text elements. Credit to wushi of team509, working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1786\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A use after free issue exists in WebKit's handling of foreignObject elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through additional validation of SVG documents. Credit to wushi of team509, working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1787\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of floating elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1788\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of 'use' elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of 'use' elements in SVG documents. Credit to Justin Schuh of Google, Inc. for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1789\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in WebKit's handling of JavaScript string objects. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1790\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A reentrancy issue exists in WebKit's handling of just-in-time compiled JavaScript stubs. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved synchronization.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1791\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A signedness issue exists in WebKit's handling of JavaScript arrays. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of JavaScript array indices. Credit to Natalie Silvanovich for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1792\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of regular expressions. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of regular expressions. Credit to Peter Varga of University of Szeged for reporting this issue.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2010-1793\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A use after free issue exists in WebKit's handling of "font-face" and "use" elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of "font-face" and "use" elements in SVG documents. Credit to Aki Helin of OUSPG for reporting this issue.\r\n\r\n", "edition": 1, "modified": "2010-08-08T00:00:00", "published": "2010-08-08T00:00:00", "id": "SECURITYVULNS:DOC:24396", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24396", "title": "About the security content of Safari 5.0.1 and Safari 4.1.1", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:38", "bulletinFamily": "software", "cvelist": ["CVE-2010-1789", "CVE-2010-1796", "CVE-2010-1783", "CVE-2010-1787", "CVE-2010-1780", "CVE-2010-1786", "CVE-2010-1785", "CVE-2010-1778", "CVE-2010-1790", "CVE-2010-1788", "CVE-2010-1782", "CVE-2010-1792", "CVE-2010-1791", "CVE-2010-1784", "CVE-2010-1793"], "description": "Information leak, crossdomain access, buffer overflows, memory corruptions.", "edition": 1, "modified": "2010-08-14T00:00:00", "published": "2010-08-14T00:00:00", "id": "SECURITYVULNS:VULN:11040", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11040", "title": "Apple Webkit / Safari multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
