Lucene search

K
openvas
Copyright (C) 2019 Greenbone Networks GmbHOPENVAS:1361412562310815818
HistoryOct 30, 2019 - 12:00 a.m.

Apple Safari Security Updates (HT210725)

2019-10-3000:00:00
Copyright (C) 2019 Greenbone Networks GmbH
plugins.openvas.org
35

This host is installed with Apple Safari
and is prone to multiple vulnerabilities.

# Copyright (C) 2019 Greenbone Networks GmbH
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (C) the respective author(s)
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

CPE = "cpe:/a:apple:safari";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.815818");
  script_version("2020-02-28T13:41:47+0000");
  script_cve_id("CVE-2019-8813", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808",
                "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8814", "CVE-2019-8816",
                "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822",
                "CVE-2019-8823", "CVE-2019-8815");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)");
  script_tag(name:"creation_date", value:"2019-10-30 11:34:18 +0530 (Wed, 30 Oct 2019)");
  script_name("Apple Safari Security Updates (HT210725)");

  script_tag(name:"summary", value:"This host is installed with Apple Safari
  and is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is
  present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to,

  - Multiple memory corruption issues related to improper memory handling.

  - A logic issue related to improper state management.");

  script_tag(name:"impact", value:"Successful exploitation allows remote attackers
  to execute arbitrary code and conduct cross site scripting attacks.");

  script_tag(name:"affected", value:"Apple Safari versions before 13.0.3.");

  script_tag(name:"solution", value:"Upgrade to Apple Safari 13.0.3 or later.
  Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"executable_version");
  script_xref(name:"URL", value:"https://support.apple.com/en-us/HT210725");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2019 Greenbone Networks GmbH");
  script_family("General");
  script_dependencies("macosx_safari_detect.nasl");
  script_mandatory_keys("AppleSafari/MacOSX/Version");
  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_is_less(version:vers, test_version:"13.0.3")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"13.0.3", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

exit(99);
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner
Related for OPENVAS:1361412562310815818