4 matches found
Design/Logic Flaw
Apple Safari 3.2.3 does not properly implement the file: protocol handler, which allows remote attackers to read arbitrary files or cause a denial of service launch of multiple Windows Explorer instances via vectors involving an unspecified HTML tag, possibly a related issue to CVE-2009-1703...
Apple Safari Multiple Vulnerabilities June-09 (Windows) - I
This host is installed with Apple Safari Web Browser and is prone to to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbapplesafarimultvulnjun091.nasl 4865 2016-12-28 16:16:43Z teissa $ Apple Safari Multiple Vulnerabilities June-09 Windows - I Authors: Sharath S Copyright: Copyright c...
CVE-2009-1703
WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within 1 audio and 2 video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...
CVE-2009-1703
CVE-2009-1703 concerns WebKit in Apple Safari prior to 4.0, where references to file: URLs within audio and video elements are not blocked. This could let remote attackers determine the existence of arbitrary files by delivering crafted HTML, constituting an information-disclosure risk. The affec...