Summary
The host is installed with Apple Safari web browser and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to cause a denial of service.
Impact Level: Application
Solution
Upgrade to Apple Safari 5.0.4 or later,
For updates refer to http://www.apple.com/support/downloads
Insight
The flaw is due to an error when traversing the XPath axis of certain XML files. This can be exploited to cause a crash when an application using the library processes a specially crafted XML file.
Affected
Apple Safari version 5.0.2 and prior.
References
Severity
Classification
-
CVE CVE-2010-4008 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
- Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)
- Apple Safari Secure Cookie Security Bypass Vulnerability (Windows)
- APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability