8.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.236 Low
EPSS
Percentile
96.5%
Apple Safari web browser is prone to multiple vulnerabilities.
# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:apple:safari";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.802235");
script_version("2024-02-20T14:37:13+0000");
script_tag(name:"last_modification", value:"2024-02-20 14:37:13 +0000 (Tue, 20 Feb 2024)");
script_tag(name:"creation_date", value:"2011-08-12 14:44:50 +0200 (Fri, 12 Aug 2011)");
script_cve_id("CVE-2010-1824", "CVE-2010-4008", "CVE-2010-4494", "CVE-2011-0111",
"CVE-2011-0112", "CVE-2011-0113", "CVE-2011-0114", "CVE-2011-0115",
"CVE-2011-0116", "CVE-2011-0117", "CVE-2011-0118", "CVE-2011-0119",
"CVE-2011-0120", "CVE-2011-0121", "CVE-2011-0122", "CVE-2011-0123",
"CVE-2011-0124", "CVE-2011-0125", "CVE-2011-0126", "CVE-2011-0127",
"CVE-2011-0128", "CVE-2011-0129", "CVE-2011-0130", "CVE-2011-0131",
"CVE-2011-0132", "CVE-2011-0133", "CVE-2011-0134", "CVE-2011-0135",
"CVE-2011-0136", "CVE-2011-0137", "CVE-2011-0138", "CVE-2011-0139",
"CVE-2011-0140", "CVE-2011-0141", "CVE-2011-0142", "CVE-2011-0143",
"CVE-2011-0144", "CVE-2011-0145", "CVE-2011-0146", "CVE-2011-0147",
"CVE-2011-0148", "CVE-2011-0149", "CVE-2011-0150", "CVE-2011-0151",
"CVE-2011-0152", "CVE-2011-0153", "CVE-2011-0154", "CVE-2011-0155",
"CVE-2011-0156", "CVE-2011-0160", "CVE-2011-0161", "CVE-2011-0163",
"CVE-2011-0165", "CVE-2011-0166", "CVE-2011-0167", "CVE-2011-0168",
"CVE-2011-0169");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("Apple Safari Multiple Vulnerabilities (Mar 2011) - Mac OS X");
script_xref(name:"URL", value:"http://support.apple.com/kb/HT4566");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/44779");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46677");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46684");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46686");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46687");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46688");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46689");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46690");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46691");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46692");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46693");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46694");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46695");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46696");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46698");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46699");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46700");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46701");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46702");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46704");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46705");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46706");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46707");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46708");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46709");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46710");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46711");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46712");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46713");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46714");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46715");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46716");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46717");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46718");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46719");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46720");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46721");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46722");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46723");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46724");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46725");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46726");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46727");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46728");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46744");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46745");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46746");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46747");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46748");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46749");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46808");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46809");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46811");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46814");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46816");
script_xref(name:"URL", value:"http://secunia.com/advisories/43696");
script_xref(name:"URL", value:"http://lists.apple.com/archives/security-announce/2011/mar/msg00004.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2011 Greenbone AG");
script_family("General");
script_dependencies("macosx_safari_detect.nasl");
script_mandatory_keys("AppleSafari/MacOSX/Version");
script_tag(name:"impact", value:"Successful exploitation will allow attacker to disclose potentially
sensitive information, conduct cross-site scripting and spoofing attacks, and compromise a user's system.");
script_tag(name:"affected", value:"Apple Safari versions prior to 5.0.4.");
script_tag(name:"insight", value:"Please see the references for more details about the vulnerabilities.");
script_tag(name:"solution", value:"Upgrade to Apple Safari version 5.0.4 or later.");
script_tag(name:"summary", value:"Apple Safari web browser is prone to multiple vulnerabilities.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
include("host_details.inc");
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
exit(0);
vers = infos["version"];
path = infos["location"];
if(version_is_less(version:vers, test_version:"5.0.4")) {
report = report_fixed_ver(installed_version:vers, fixed_version:"5.0.4", install_path:path);
security_message(port:0, data:report);
exit(0);
}
exit(99);
lists.apple.com/archives/security-announce/2011/mar/msg00004.html
secunia.com/advisories/43696
support.apple.com/kb/HT4566
www.securityfocus.com/bid/44779
www.securityfocus.com/bid/46677
www.securityfocus.com/bid/46684
www.securityfocus.com/bid/46686
www.securityfocus.com/bid/46687
www.securityfocus.com/bid/46688
www.securityfocus.com/bid/46689
www.securityfocus.com/bid/46690
www.securityfocus.com/bid/46691
www.securityfocus.com/bid/46692
www.securityfocus.com/bid/46693
www.securityfocus.com/bid/46694
www.securityfocus.com/bid/46695
www.securityfocus.com/bid/46696
www.securityfocus.com/bid/46698
www.securityfocus.com/bid/46699
www.securityfocus.com/bid/46700
www.securityfocus.com/bid/46701
www.securityfocus.com/bid/46702
www.securityfocus.com/bid/46704
www.securityfocus.com/bid/46705
www.securityfocus.com/bid/46706
www.securityfocus.com/bid/46707
www.securityfocus.com/bid/46708
www.securityfocus.com/bid/46709
www.securityfocus.com/bid/46710
www.securityfocus.com/bid/46711
www.securityfocus.com/bid/46712
www.securityfocus.com/bid/46713
www.securityfocus.com/bid/46714
www.securityfocus.com/bid/46715
www.securityfocus.com/bid/46716
www.securityfocus.com/bid/46717
www.securityfocus.com/bid/46718
www.securityfocus.com/bid/46719
www.securityfocus.com/bid/46720
www.securityfocus.com/bid/46721
www.securityfocus.com/bid/46722
www.securityfocus.com/bid/46723
www.securityfocus.com/bid/46724
www.securityfocus.com/bid/46725
www.securityfocus.com/bid/46726
www.securityfocus.com/bid/46727
www.securityfocus.com/bid/46728
www.securityfocus.com/bid/46744
www.securityfocus.com/bid/46745
www.securityfocus.com/bid/46746
www.securityfocus.com/bid/46747
www.securityfocus.com/bid/46748
www.securityfocus.com/bid/46749
www.securityfocus.com/bid/46808
www.securityfocus.com/bid/46809
www.securityfocus.com/bid/46811
www.securityfocus.com/bid/46814
www.securityfocus.com/bid/46816