CVE-2008-2306

Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTIONSHELLEXECUTEHIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files...

Design/Logic Flaw

Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTIONSHELLEXECUTEHIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files...

CVE-2008-2306

Apple Safari for Windows before 3.1.2 is vulnerable to bypassing access restrictions via IE URLAction URLACTION_SHELL_EXECUTE_HIGHRISK, which can cause automatic download and execution of arbitrary files. Multiple sources (NVD CVE-2008-2306) indicate a high-severity issue with CVSS 9.3 (AV:N/AC:M...

CVE-2008-2306

Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTIONSHELLEXECUTEHIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files...