Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.MACOSX_SAFARI5_1_4.NASL
HistoryMar 12, 2012 - 12:00 a.m.

Mac OS X : Apple Safari < 5.1.4 Multiple Vulnerabilities

2012-03-1200:00:00
This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
www.tenable.com
19
JSON

The version of Apple Safari installed on the remote Mac OS X host is earlier than 5.1.4. Thus, it is potentially affected by several issues :

  • Web page visits may be recorded in browser history even when private browsing is active. (CVE-2012-0585)

  • Multiple cross-site scripting issues existed in WebKit. (CVE-2011-3881, CVE-2012-0586, CVE-2012-0587, CVE-2012-0588, CVE-2012-0589)

  • A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. (CVE-2011-3887)

  • Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack. (CVE-2012-0590)

  • Multiple memory corruption issues existed in WebKit.
    (CVE-2011-2825, CVE-2011-2833, CVE-2011-2846, CVE-2011-2847, CVE-2011-2854, CVE-2011-2855, CVE-2011-2857, CVE-2011-2860, CVE-2011-2866, CVE-2011-2867, CVE-2011-2868, CVE-2011-2869, CVE-2011-2870, CVE-2011-2871, CVE-2011-2872, CVE-2011-2873, CVE-2011-2877, CVE-2011-3885, CVE-2011-3888, CVE-2011-3897, CVE-2011-3908, CVE-2011-3909, CVE-2011-3928, CVE-2012-0591, CVE-2012-0592, CVE-2012-0593, CVE-2012-0594, CVE-2012-0595, CVE-2012-0596, CVE-2012-0597, CVE-2012-0598, CVE-2012-0599, CVE-2012-0600, CVE-2012-0601, CVE-2012-0602, CVE-2012-0603, CVE-2012-0604, CVE-2012-0605, CVE-2012-0606, CVE-2012-0607, CVE-2012-0608, CVE-2012-0609, CVE-2012-0610, CVE-2012-0611, CVE-2012-0612, CVE-2012-0613, CVE-2012-0614, CVE-2012-0615, CVE-2012-0616, CVE-2012-0617, CVE-2012-0618, CVE-2012-0619, CVE-2012-0620, CVE-2012-0621, CVE-2012-0622, CVE-2012-0623, CVE-2012-0624, CVE-2012-0625, CVE-2012-0626, CVE-2012-0627, CVE-2012-0628, CVE-2012-0629, CVE-2012-0630, CVE-2012-0631, CVE-2012-0632, CVE-2012-0633, CVE-2012-0635, CVE-2012-0636, CVE-2012-0637, CVE-2012-0638, CVE-2012-0639, CVE-2012-0648)

  • Cookies may be set by third-parties, even when Safari is configured to block them. (CVE-2012-0640)

  • If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. (CVE-2012-0647)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(58322);
  script_version("1.17");
  script_cvs_date("Date: 2018/07/16 12:48:31");

  script_cve_id(
    "CVE-2011-2825",
    "CVE-2011-2833",
    "CVE-2011-2846",
    "CVE-2011-2847",
    "CVE-2011-2854",
    "CVE-2011-2855",
    "CVE-2011-2857",
    "CVE-2011-2860",
    "CVE-2011-2866",
    "CVE-2011-2867",
    "CVE-2011-2868",
    "CVE-2011-2869",
    "CVE-2011-2870",
    "CVE-2011-2871",
    "CVE-2011-2872",
    "CVE-2011-2873",
    "CVE-2011-2877",
    "CVE-2011-3881",
    "CVE-2011-3885",
    "CVE-2011-3886",
    "CVE-2011-3888",
    "CVE-2011-3897",
    "CVE-2011-3908",
    "CVE-2011-3909",
    "CVE-2011-3928",
    "CVE-2012-0585",
    "CVE-2012-0586",
    "CVE-2012-0587",
    "CVE-2012-0588",
    "CVE-2012-0589",
    "CVE-2012-0590",
    "CVE-2012-0591",
    "CVE-2012-0592",
    "CVE-2012-0593",
    "CVE-2012-0594",
    "CVE-2012-0595",
    "CVE-2012-0596",
    "CVE-2012-0597",
    "CVE-2012-0598",
    "CVE-2012-0599",
    "CVE-2012-0600",
    "CVE-2012-0601",
    "CVE-2012-0602",
    "CVE-2012-0603",
    "CVE-2012-0604",
    "CVE-2012-0605",
    "CVE-2012-0606",
    "CVE-2012-0607",
    "CVE-2012-0608",
    "CVE-2012-0609",
    "CVE-2012-0610",
    "CVE-2012-0611",
    "CVE-2012-0612",
    "CVE-2012-0613",
    "CVE-2012-0614",
    "CVE-2012-0615",
    "CVE-2012-0616",
    "CVE-2012-0617",
    "CVE-2012-0618",
    "CVE-2012-0619",
    "CVE-2012-0620",
    "CVE-2012-0621",
    "CVE-2012-0622",
    "CVE-2012-0623",
    "CVE-2012-0624",
    "CVE-2012-0625",
    "CVE-2012-0626",
    "CVE-2012-0627",
    "CVE-2012-0628",
    "CVE-2012-0629",
    "CVE-2012-0630",
    "CVE-2012-0631",
    "CVE-2012-0632",
    "CVE-2012-0633",
    "CVE-2012-0635",
    "CVE-2012-0636",
    "CVE-2012-0637",
    "CVE-2012-0638",
    "CVE-2012-0639",
    "CVE-2012-0640",
    "CVE-2012-0647",
    "CVE-2012-0648"
  );
  script_bugtraq_id(
    49279,
    49658,
    49938,
    50360,
    50642,
    51041,
    51641,
    52363,
    52365,
    52367,
    52419,
    52421,
    52423,
    52956,
    53148
  );

  script_name(english:"Mac OS X : Apple Safari < 5.1.4 Multiple Vulnerabilities");
  script_summary(english:"Check the Safari SourceVersion");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote host contains a web browser that is affected by several
vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The version of Apple Safari installed on the remote Mac OS X host is
earlier than 5.1.4.  Thus, it is potentially affected by several
issues :
 
  - Web page visits may be recorded in browser history even 
    when private browsing is active. (CVE-2012-0585)

  - Multiple cross-site scripting issues existed in WebKit. 
    (CVE-2011-3881, CVE-2012-0586, CVE-2012-0587, 
    CVE-2012-0588, CVE-2012-0589)

  - A cross-origin issue existed in WebKit, which may allow 
    cookies to be disclosed across origins. (CVE-2011-3887)

  - Visiting a maliciously crafted website and dragging 
    content with the mouse may lead to a cross-site 
    scripting attack. (CVE-2012-0590)

  - Multiple memory corruption issues existed in WebKit.
    (CVE-2011-2825, CVE-2011-2833, CVE-2011-2846, 
     CVE-2011-2847, CVE-2011-2854, CVE-2011-2855, 
     CVE-2011-2857, CVE-2011-2860, CVE-2011-2866, 
     CVE-2011-2867, CVE-2011-2868, CVE-2011-2869,
     CVE-2011-2870, CVE-2011-2871, CVE-2011-2872, 
     CVE-2011-2873, CVE-2011-2877, CVE-2011-3885, 
     CVE-2011-3888, CVE-2011-3897, CVE-2011-3908, 
     CVE-2011-3909, CVE-2011-3928, CVE-2012-0591,
     CVE-2012-0592, CVE-2012-0593, CVE-2012-0594, 
     CVE-2012-0595, CVE-2012-0596, CVE-2012-0597, 
     CVE-2012-0598, CVE-2012-0599, CVE-2012-0600, 
     CVE-2012-0601, CVE-2012-0602, CVE-2012-0603,
     CVE-2012-0604, CVE-2012-0605, CVE-2012-0606, 
     CVE-2012-0607, CVE-2012-0608, CVE-2012-0609, 
     CVE-2012-0610, CVE-2012-0611, CVE-2012-0612, 
     CVE-2012-0613, CVE-2012-0614, CVE-2012-0615,
     CVE-2012-0616, CVE-2012-0617, CVE-2012-0618, 
     CVE-2012-0619, CVE-2012-0620, CVE-2012-0621, 
     CVE-2012-0622, CVE-2012-0623, CVE-2012-0624, 
     CVE-2012-0625, CVE-2012-0626, CVE-2012-0627,
     CVE-2012-0628, CVE-2012-0629, CVE-2012-0630, 
     CVE-2012-0631, CVE-2012-0632, CVE-2012-0633, 
     CVE-2012-0635, CVE-2012-0636, CVE-2012-0637, 
     CVE-2012-0638, CVE-2012-0639, CVE-2012-0648)

   - Cookies may be set by third-parties, even when Safari 
     is configured to block them. (CVE-2012-0640)

   - If a site uses HTTP authentication and redirects to 
     another site, the authentication credentials may be 
     sent to the other site. (CVE-2012-0647)"
  );
  script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-12-147/");
  script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2012/Aug/267");
  script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT5190");
  script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html");
  script_set_attribute(attribute:"solution", value:"Upgrade to Apple Safari 5.1.4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/03/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/03/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/03/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:safari");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks"); 

  script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");

  script_dependencies("macosx_Safari31.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "MacOSX/Safari/Installed");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
os = get_kb_item("Host/MacOSX/Version");
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");

if (!ereg(pattern:"Mac OS X 10\.[67]([^0-9]|$)", string:os)) audit(AUDIT_OS_NOT, "Mac OS X 10.6 / 10.7");


get_kb_item_or_exit("MacOSX/Safari/Installed");
path = get_kb_item_or_exit("MacOSX/Safari/Path", exit_code:1);
version = get_kb_item_or_exit("MacOSX/Safari/Version", exit_code:1);

fixed_version = "5.1.4";

if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
{
  set_kb_item(name:'www/0/XSS', value:TRUE);

  if (report_verbosity > 0)
  {
    report = 
      '\n  Installed version : ' + version + 
      '\n  Fixed version     : ' + fixed_version + '\n';
    security_hole(port:0, extra:report);
  }
  else security_hole(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, "Safari", version);
VendorProductVersionCPE
applesafaricpe:/a:apple:safari

References

Related

openvas 11
nessus 9
securityvulns 4
prion 44
cve 46
cvelist 48
ubuntucve 17
debiancve 15
zdi 3
threatpost 1
chrome 1
openvas
openvas
Apple Safari Webkit Multiple Vulnerabilities (Mar 2012) - Mac OS X
2012-03-13 00:00:00
Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
2012-03-13 00:00:00
Apple Safari Webkit Multiple Vulnerabilities - March12 (Windows)
2012-03-13 00:00:00
nessus
nessus
Safari < 5.1.4 Multiple Vulnerabilities
2012-03-12 00:00:00
Apple iTunes < 10.6 Multiple Vulnerabilities (uncredentialed check)
2012-03-12 00:00:00
Apple iTunes < 10.6 Multiple Vulnerabilities (credentialed check)
2012-03-12 00:00:00
securityvulns
securityvulns
Apple WebKit &#40;iTunes, iPhone, Safari, Google Chrome&#41; multiple security vulnerabilities
2012-08-27 00:00:00
APPLE-SA-2012-03-07-1 iTunes 10.6
2012-03-09 00:00:00
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
2012-03-09 00:00:00
prion
prion
Cross site scripting
2012-03-08 22:55:00
Cross site scripting
2012-03-08 22:55:00
Cross site scripting
2012-03-08 22:55:00
cve
cve
CVE-2012-0587
2012-03-08 22:55:00
CVE-2012-0589
2012-03-08 22:55:00
CVE-2012-0586
2012-03-08 22:55:00
cvelist
cvelist
CVE-2012-0586
2012-03-08 22:00:00
CVE-2012-0587
2012-03-08 22:00:00
CVE-2012-0588
2012-03-08 22:00:00
ubuntucve
ubuntucve
CVE-2011-3888
2011-10-25 00:00:00
CVE-2011-3928
2012-01-24 00:00:00
CVE-2011-3886
2011-10-25 00:00:00
debiancve
debiancve
CVE-2011-3886
2011-10-25 19:55:00
CVE-2011-3928
2012-01-24 04:03:00
CVE-2011-2854
2011-09-19 12:02:00
zdi
zdi
Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability
2012-04-09 00:00:00
WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability
2012-08-22 00:00:00
Webkit fontface Invalid Font Family Remote Code Execution Vulnerability
2012-03-26 00:00:00
threatpost
threatpost
Google Fixes 27 Bugs in Chrome 15
2011-10-25 17:51:34
chrome
chrome
Chrome Stable Release
2011-10-25 00:00:00
JSON
Related for MACOSX_SAFARI5_1_4.NASL
openvas11nessus9securityvulns4prion44cve46cvelist48ubuntucve17debiancve15zdi3threatpost1chrome1