nessus Tenable 9931.PRM
Feb 01, 2017 - 12:00 a.m.

Safari < 10.0.3 Multiple Vulnerabilities

2017-02-01 00:00:00
Tenable
www.tenable.com
safari vulnerabilities
prototype access
type confusion
memory initialization
state management
page loading
code execution
data exfiltration

CVSS2: 6.8
  Attack Vector: NETWORK
  Attack Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL
  AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3: 8.8
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: REQUIRED
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS: 0.055
  Percentile: 93.3%

Versions of Safari prior to 10.0.3 are affected by multiple vulnerabilities:

  • A prototype access flaw exists that is triggered when handling exceptions. With specially crafted web content, a context-dependent attacker may exfiltrate cross-origin data. (CVE-2017-2350)
  • A type confusion flaw exists that is triggered as input is not properly validated when handling SearchInputType objects. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2017-2354)
  • An unspecified memory initialization flaw exists that may allow a context-dependent attacker to potentially execute arbitrary code. No further details have been provided. (CVE-2017-2355)
  • A flaw exists that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2017-2356)
  • An unspecified state management flaw exists that may allow a context-dependent attacker to spoof the address bar. No further details have been provided. (CVE-2017-2359)
  • A flaw exists that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2017-2362, CVE-2017-2366, CVE-2017-2369)
  • A flaw exists that is triggered as input is not properly validated when handling page loading. This may allow a context-dependent attacker to exfiltrate cross-origin data. (CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2373)