Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable4556.PRM
HistoryAug 18, 2004 - 12:00 a.m.

Safari < 3.1.2 Multiple Vulnerabilities

2004-08-1800:00:00
Tenable
www.tenable.com
17
JSON

The version of Safari installed on the remote host reportedly is affected by several issues :

  • An out-of-bounds memory read while handling BMP and GIF images may lead to information disclosure (CVE-2008-1573).
  • Safari will automatically launch executable files downloaded from a site if that site is in an IE7 zone with ‘Launching applications and unsafe files’ set to ‘Enable’ or an IE6 ‘Local intranet ’ / ’ Trusted sites’ zone (CVE-2008-2306).
  • There is a memory corruption issue in WebKit’s handling of JavaScript arrays that could be leveraged to crash the application or execute arbitrary code if visiting a malicious site (CVE-2008-2307).
  • When handling an object with an unrecognized content type, Safari does not prompt the user before downloading the object (aka, the ‘carpet-bombing’ issue). If the download location is the Windows Desktop (the default), this could lead to arbitrary code execution (CVE-2008-2540).
Binary data 4556.prm
VendorProductVersionCPE
applesafaricpe:/a:apple:safari

Related

nessus 10
openvas 14
checkpoint_advisories 2
cve 7
securityvulns 5
seebug 4
cert 2
prion 7
ubuntucve 2
fedora 2
debiancve 1
threatpost 1
mskb 1
nessus
nessus
Safari < 3.1.2 Multiple Vulnerabilities
2008-06-20 00:00:00
MS09-015: Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
2009-04-15 00:00:00
Fedora 8 : WebKit-1.0.0-0.10.svn34655.fc8 (2008-6220)
2008-07-10 00:00:00
openvas
openvas
Apple Safari for Windows Multiple Vulnerabilities (Jul 2008)
2008-08-22 00:00:00
Apple Safari for Windows Multiple Vulnerabilities July-08
2008-08-22 00:00:00
Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
2009-04-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple Safari for Windows and Internet Explorer Combined Code Execution (CVE-2008-2540)
2010-07-13 00:00:00
Update Protection against Apple Safari on Windows Platform Remote Code Execution Vulnerability (MS09-015)
2008-06-02 00:00:00
cve
cve
CVE-2008-2306
2008-06-23 20:41:00
CVE-2008-2307
2008-06-23 20:41:00
CVE-2008-1573
2008-06-02 21:30:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-015 – Moderate Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege &#40;959426&#41;
2009-04-15 00:00:00
Microsoft Security Bulletin MS09-014 - Critical Cumulative Security Update for Internet Explorer &#40;963027&#41;
2009-04-15 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2009-04-20 00:00:00
seebug
seebug
Apple Safari自动启动可执行程序漏洞
2008-06-22 00:00:00
Apple Safari内存破坏漏洞
2008-07-03 00:00:00
Apple Safari WebKit JavaScript数组远程溢出漏洞
2008-06-22 00:00:00
cert
cert
Apple Safari contains a memory corruption issue in the handling of JavaScript arrays by WebKit
2008-07-01 00:00:00
Apple Safari automatically executes downloaded files based on Internet Explorer zone settings
2008-06-20 00:00:00
prion
prion
Design/Logic Flaw
2008-06-23 20:41:00
Memory corruption
2008-06-23 20:41:00
Out-of-bounds
2008-06-02 21:30:00
ubuntucve
ubuntucve
CVE-2008-2307
2008-06-23 00:00:00
CVE-2008-2933
2008-07-17 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: WebKit-1.0.0-0.10.svn34655.fc8
2008-07-09 02:49:35
[SECURITY] Fedora 9 Update: WebKit-1.0.0-0.11.svn34655.fc9
2008-07-09 02:43:37
debiancve
debiancve
CVE-2008-2307
2008-06-23 20:41:00
threatpost
threatpost
Microsoft plugs gaping holes in IE, Excel, Windows
2009-04-14 17:56:32
mskb
mskb
MS09-014: Cumulative security update for Internet Explorer
2012-07-18 16:19:51
JSON
Related for 4556.PRM
nessus10openvas14checkpoint_advisories2cve7securityvulns5seebug4cert2prion7ubuntucve2fedora2debiancve1threatpost1mskb1