Lucene search
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_SAFARI9_0_2.NASLHistoryDec 15, 2015 - 12:00 a.m.
Mac OS X : Apple Safari < 9.0.2 Multiple RCE
2015-12-1500:00:00
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
The version of Apple Safari installed on the remote host is prior to 9.0.2. It is, therefore, affected by multiple memory corruption issues in WebKit due to improper memory handling. An unauthenticated, remote attacker can exploit these, via a crafted website, to execute arbitrary code or possibly cause a denial of service.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(87370);
script_version("1.4");
script_cvs_date("Date: 2019/11/20");
script_cve_id(
"CVE-2015-7048",
"CVE-2015-7050",
"CVE-2015-7095",
"CVE-2015-7096",
"CVE-2015-7097",
"CVE-2015-7098",
"CVE-2015-7099",
"CVE-2015-7100",
"CVE-2015-7101",
"CVE-2015-7102",
"CVE-2015-7103",
"CVE-2015-7104"
);
script_bugtraq_id(78720, 78722, 78726);
script_xref(name:"APPLE-SA", value:"APPLE-SA-2015-12-08-5");
script_name(english:"Mac OS X : Apple Safari < 9.0.2 Multiple RCE");
script_summary(english:"Checks the Safari version.");
script_set_attribute(attribute:"synopsis", value:
"The remote host has a web browser installed that is affected by
multiple remote code execution vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Apple Safari installed on the remote host is prior to
9.0.2. It is, therefore, affected by multiple memory corruption issues
in WebKit due to improper memory handling. An unauthenticated, remote
attacker can exploit these, via a crafted website, to execute
arbitrary code or possibly cause a denial of service.");
script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205639");
# http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ea90039a");
script_set_attribute(attribute:"solution", value:
"Upgrade to Apple Safari version 9.0.2 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-7104");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/08");
script_set_attribute(attribute:"patch_publication_date", value:"2015/12/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:safari");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("macosx_Safari31.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "MacOSX/Safari/Installed");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
os = get_kb_item("Host/MacOSX/Version");
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");
if (!ereg(pattern:"Mac OS X 10\.(9|10|11)([^0-9]|$)", string:os)) audit(AUDIT_OS_NOT, "Mac OS X 10.9 / 10.10 / 10.11");
installed = get_kb_item_or_exit("MacOSX/Safari/Installed", exit_code:0);
path = get_kb_item_or_exit("MacOSX/Safari/Path", exit_code:1);
version = get_kb_item_or_exit("MacOSX/Safari/Version", exit_code:1);
fixed_version = "9.0.2";
if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
{
if (report_verbosity > 0)
{
report =
'\n Path : ' + path +
'\n Installed version : ' + version +
'\n Fixed version : ' + fixed_version +
'\n';
security_warning(port:0, extra:report);
}
else security_warning(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, "Safari", version, path);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7048
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7097
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7098
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7104
www.nessus.org/u?ea90039a
support.apple.com/en-us/HT205639
Related
kaspersky
kaspersky
KLA10721 Multiple vulnerabilities in Apple iTunes
2015-12-12 00:00:00
nessus
nessus
Apple iTunes < 12.3.2 Multiple Vulnerabilities (credentialed check)
2015-12-15 00:00:00
Apple iTunes < 12.3.2 Multiple Vulnerabilities (uncredentialed check)
2015-12-15 00:00:00
Fedora 23 : webkitgtk4-2.10.7-1.fc23 (2016-ec05afb364)
2016-03-04 00:00:00
prion
prion
Memory corruption
2015-12-11 12:00:00
Memory corruption
2015-12-11 11:59:00
Memory corruption
2015-12-11 11:59:00
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve
CVE-2015-7096
2015-12-11 11:59:00
CVE-2015-7098
2015-12-11 11:59:00
fedora
fedora
[SECURITY] Fedora 23 Update: webkitgtk4-2.10.7-1.fc23
2016-02-04 23:25:26
[SECURITY] Fedora 22 Update: webkitgtk4-2.10.7-1.fc22
2016-02-10 10:52:39
[SECURITY] Fedora 22 Update: webkitgtk4-2.10.4-1.fc22
2016-02-01 06:38:54
openvas
openvas
Fedora Update for webkitgtk4 FEDORA-2016-143
2016-02-11 00:00:00
Mageia: Security Advisory (MGASA-2016-0116)
2016-03-31 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerability
2016-03-25 09:38:37
gentoo
gentoo
WebKitGTK+: Multiple vulnerabilities
2017-06-07 00:00:00
Related for MACOSX_SAFARI9_0_2.NASL