Summary
This host is installed with Apple Safari Web Browser and is prone to to multiple vulnerabilities.
Impact
Successful exploitation will let the attacker execute arbitrary code, bypass security restrictions, sensitive information disclosure, XSS attacks, execute JavaScript code, DoS attack and can cause other attacks.
Impact Level: System/Application
Solution
Upgrade to Safari version 4.0
http://www.apple.com/support/downloads
Insight
Refer to the reference links for more information on the vulnerabilities.
Affected
Apple Safari version prior to 4.0 on Windows.
References
- http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
- http://scary.beasts.org/security/CESA-2009-006.html
- http://scary.beasts.org/security/CESA-2009-008.html
- http://secunia.com/advisories/35379
- http://support.apple.com/kb/HT3613
- http://www.vupen.com/english/advisories/2009/1522
- http://www.zerodayinitiative.com/advisories/ZDI-09-034
- http://www.zerodayinitiative.com/advisories/published
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- ActFax LPD/LPR Server Denial of Service Vulnerability
- Azeotech DAQFactory NETB Datagram Parsing Stack Buffer Overflow Vulnerability
- Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
- Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Mac OS X)
- Allegro Software RomPager 2.10 Denial of Service