Lucene search

Japan Vulnerability NotesJVN:42676559

HistoryOct 23, 2012 - 12:00 a.m.

JVN#42676559: Safari vulnerable to local file content disclosure

2012-10-2300:00:00

Japan Vulnerability Notes

jvn.jp

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

73.6%

JSON

Safari contains a vulnerability where a local file may be accessed from remote, which may result in a local file content disclosure.

Impact

By opening a specially crafted HTML document as a local file, an arbitrary local file may be obtained from remote even though access from other users is restricted.

Solution

Update the software
Update to the latest version according to the information provided by the developer.

For Windows:
As of October 23, 2012, Safari for Windows which addresses to this issue is not available. Please stop use of Safari for Windows.

Products Affected

Safari prior to 6.0.1

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

73.6%

JSON

Related for JVN:42676559