Lucene search
Copyright (C) 2009 Greenbone AGOPENVAS:1361412562310800409HistoryFeb 03, 2009 - 12:00 a.m.
Apple Safari Malformed URI Remote DoS Vulnerability - Windows
2009-02-0300:00:00
Copyright (C) 2009 Greenbone AG
plugins.openvas.org
9
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.8%
Apple Safari web browser is prone to a denial of service (DoS) vulnerability.
# SPDX-FileCopyrightText: 2009 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:apple:safari";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.800409");
script_version("2024-02-15T05:05:39+0000");
script_tag(name:"last_modification", value:"2024-02-15 05:05:39 +0000 (Thu, 15 Feb 2024)");
script_tag(name:"creation_date", value:"2009-02-03 15:40:18 +0100 (Tue, 03 Feb 2009)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_cve_id("CVE-2009-0321");
script_name("Apple Safari Malformed URI Remote DoS Vulnerability - Windows");
script_xref(name:"URL", value:"http://lostmon.blogspot.com/2009/01/safari-for-windows-321-remote-http-uri.html");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/33481");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone AG");
script_family("Denial of Service");
script_dependencies("secpod_apple_safari_detect_win_900003.nasl");
script_mandatory_keys("AppleSafari/Version");
script_tag(name:"impact", value:"Browser crash (application termination) could be the result when attacker
executes arbitrary codes.");
script_tag(name:"affected", value:"Apple Safari 3.2.1 and prior on Windows (Any).");
script_tag(name:"insight", value:"Malformed HTTP domain name can cause the safari web browser to an infinite
loop which leads to memory violation when it tries to resolve the domain,
or when it tries to write a section that contains unknown data.");
script_tag(name:"solution", value:"No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.");
script_tag(name:"summary", value:"Apple Safari web browser is prone to a denial of service (DoS) vulnerability.");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"WillNotFix");
exit(0);
}
include("version_func.inc");
include("host_details.inc");
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
exit(0);
vers = infos["version"];
path = infos["location"];
if(version_is_less_equal(version:vers, test_version:"3.525.27.1")) {
report = report_fixed_ver(installed_version:vers, fixed_version:"None", install_path:path);
security_message(port:0, data:report);
exit(0);
}
exit(99);
Related
openvas
openvas
Apple Safari Malformed URI Remote DoS Vulnerability (Windows)
2009-02-03 00:00:00
nvd
nvd
CVE-2009-0321
2009-01-28 18:30:00
cvelist
cvelist
CVE-2009-0321
2009-01-28 18:00:00
prion
prion
Design/Logic Flaw
2009-01-28 18:30:00
cve
cve
CVE-2009-0321
2009-01-28 18:30:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.8%
Related for OPENVAS:1361412562310800409