CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.8%
The version of Safari installed on the remote Windows host is earlier than 5.1. As such, it is potentially affected by numerous issues in the following components :
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(55639);
script_version("1.47");
script_cvs_date("Date: 2018/07/27 18:38:15");
script_cve_id(
"CVE-2010-1383",
"CVE-2010-1420",
"CVE-2010-1823",
"CVE-2010-3829",
"CVE-2011-0164",
"CVE-2011-0195",
"CVE-2011-0200",
"CVE-2011-0201",
"CVE-2011-0202",
"CVE-2011-0204",
"CVE-2011-0206",
"CVE-2011-0214",
"CVE-2011-0215",
"CVE-2011-0216",
"CVE-2011-0217",
"CVE-2011-0218",
"CVE-2011-0219",
"CVE-2011-0221",
"CVE-2011-0222",
"CVE-2011-0223",
"CVE-2011-0225",
"CVE-2011-0232",
"CVE-2011-0233",
"CVE-2011-0234",
"CVE-2011-0235",
"CVE-2011-0237",
"CVE-2011-0238",
"CVE-2011-0240",
"CVE-2011-0241",
"CVE-2011-0242",
"CVE-2011-0244",
"CVE-2011-0253",
"CVE-2011-0254",
"CVE-2011-0255",
"CVE-2011-0981",
"CVE-2011-0983",
"CVE-2011-1107",
"CVE-2011-1109",
"CVE-2011-1114",
"CVE-2011-1115",
"CVE-2011-1117",
"CVE-2011-1121",
"CVE-2011-1188",
"CVE-2011-1190",
"CVE-2011-1203",
"CVE-2011-1204",
"CVE-2011-1288",
"CVE-2011-1293",
"CVE-2011-1295",
"CVE-2011-1296",
"CVE-2011-1449",
"CVE-2011-1451",
"CVE-2011-1453",
"CVE-2011-1457",
"CVE-2011-1462",
"CVE-2011-1774",
"CVE-2011-1797",
"CVE-2011-3443"
);
script_bugtraq_id(
43228,
46262,
46614,
46703,
46785,
47029,
47604,
47668,
48416,
48426,
48427,
48429,
48437,
48820,
48823,
48824,
48825,
48827,
48828,
48831,
48832,
48833,
48837,
48839,
48840,
48841,
48842,
48843,
48844,
48845,
48846,
48847,
48848,
48849,
48850,
48851,
48852,
48853,
48854,
48855,
48856,
48857,
48858,
48859,
48860
);
script_xref(name:"EDB-ID", value:"17575");
script_xref(name:"EDB-ID", value:"17993");
script_xref(name:"MSVR", value:"MSVR11-009");
script_name(english:"Safari < 5.1 Multiple Vulnerabilities");
script_summary(english:"Checks Safari's version number");
script_set_attribute(
attribute:"synopsis",
value:
"The remote host contains a web browser that is affected by several
vulnerabilities."
);
script_set_attribute(
attribute:"description",
value:
"The version of Safari installed on the remote Windows host is earlier
than 5.1. As such, it is potentially affected by numerous issues in
the following components :
- CFNetwork
- ColorSync
- CoreFoundation
- CoreGraphics
- International Components for Unicode
- ImageIO
- libxslt
- libxml
- Safari
- WebKit"
);
script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT4808");
script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2011/Jul/msg00002.html");
script_set_attribute(attribute:"solution", value:"Upgrade to Safari 5.1 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploithub_sku", value:"EH-11-678");
script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Apple Safari Webkit libxslt Arbitrary File Creation');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'White_Phosphorus');
script_set_attribute(attribute:"vuln_publication_date", value:"2010/07/26");
script_set_attribute(attribute:"patch_publication_date", value:"2011/07/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/21");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:safari");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
script_dependencies("safari_installed.nasl");
script_require_keys("SMB/Safari/FileVersion");
exit(0);
}
include("global_settings.inc");
include("misc_func.inc");
version = get_kb_item_or_exit("SMB/Safari/FileVersion");
version_ui = get_kb_item("SMB/Safari/ProductVersion");
if (isnull(version_ui)) version_ui = version;
if (ver_compare(ver:version, fix:"5.34.50.0") == -1)
{
if (report_verbosity > 0)
{
path = get_kb_item("SMB/Safari/Path");
if (isnull(path)) path = "n/a";
report =
'\n Path : ' + path +
'\n Installed version : ' + version_ui +
'\n Fixed version : 5.1 (7534.50)\n';
security_hole(port:get_kb_item("SMB/transport"), extra:report);
}
else security_hole(get_kb_item("SMB/transport"));
}
else exit(0, "The remote host is not affected since Safari " + version_ui + " is installed.");
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1383
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1420
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0164
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0195
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0200
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0201
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0202
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0204
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0206
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0214
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0215
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0217
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0218
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0219
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0221
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0222
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0223
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0225
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0232
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0233
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0234
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0235
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0237
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0238
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0240
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0241
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0242
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0244
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0253
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0254
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0255
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0981
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1188
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1190
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1203
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1204
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1288
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1293
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1295
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1296
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1449
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1453
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1457
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1462
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3443
lists.apple.com/archives/security-announce/2011/Jul/msg00002.html
support.apple.com/kb/HT4808