Tenable800990.PRMMac OS X : Safari < 6.0.1 Multiple Vulnerabilities
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.087 Low
EPSS
Percentile
94.6%
The remote Mac OS X host has Safari installed.
Versions of Safari earlier than 6.0.1 are reportedly affected by several issues :
-
A logic error in Safari’s handling of the Quarantine attribute caused the safe mode not to be triggered on Quarantined files, which could lead to the disclosure of local file contents. (CVE-2012-3713)
-
A rare condition in the handling of Form Autofill could lead to the disclosure of information from the Address Book ‘Me’ card that was not included in the Autofill popover. (CVE-2012-3714)
-
A logic issue in the handling of HTTPS URLs in the address bar when pasting text could result in the request being sent over HTTP. (CVE-2012-3715)
-
Numerous issues exist in WebKit. (CVE-2011-3105, CVE-2012-2817, CVE-2012-2818, CVE-2012-2829, CVE-2012-2831, CVE-2012-2842, CVE-2012-2843, CVE-2012-3598, CVE-2012-3601, CVE-2012-3602, CVE-2012-3606, CVE-2012-3607, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3616, CVE-2012-3617, CVE-2012-3621, CVE-2012-3622,CVE-2012-3623, CVE-2012-3624, CVE-2012-3632, CVE-2012-3643, CVE-2012-3647, CVE-2012-3648, CVE-2012-3649, CVE-2012-3651, CVE-2012-3652,CVE-2012-3654, CVE-2012-3657, CVE-2012-3658,CVE-2012-3659, CVE-2012-3660, CVE-2012-3671,CVE-2012-3672, CVE-2012-3673, CVE-2012-3675,CVE-2012-3676, CVE-2012-3677, CVE-2012-3684,CVE-2012-3685, CVE-2012-3687, CVE-2012-3688,CVE-2012-3692, CVE-2012-3699, CVE-2012-3700,CVE-2012-3701, CVE-2012-3702, CVE-2012-3703,CVE-2012-3704, CVE-2012-3705, CVE-2012-3706,CVE-2012-3707, CVE-2012-3708, CVE-2012-3709,CVE-2012-3710, CVE-2012-3711, CVE-2012-3712)
Binary data 800990.prmReferences
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2817
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2842
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2843
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3598
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3601
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3602
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3606
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3607
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3613
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3616
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3617
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3621
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3632
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3643
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3649
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3651
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3657
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3659
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3671
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3672
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3673
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3675
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3676
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3677
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3684
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3685
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3687
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3688
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3692
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3699
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3700
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3701
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3702
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3703
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3704
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3705
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3706
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3707
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3708
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3709
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3710
lists.apple.com/archives/security-announce/2012/Sep/msg00005.html
support.apple.com/kb/HT5502
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.087 Low
EPSS
Percentile
94.6%