Summary
This host is installed with Safari and is prone to multiple vulnerabilities.
Impact
Successful exploitation, through the opening of a maliciously crafted file, could lead to unexpected application termination or arbitrary code execution.
Impact Level: System/Application
Solution
Upgrade to Safari version 5.1.1 or later.
For updates, refer to http://www.apple.com/safari/download/
Insight
The flaws are due to:
- A directory traversal issue existed in the handling of safari-extension:// URLs.
- A policy issue existed in the handling of file:// URLs.
- An uninitialized memory access issue existed in the handling of SSL certificates.
- Multiple memory corruption issues existed in WebKit.
- A cross-origin issue existed in the handling of the beforeload event, window.open method, document.documentURI property and inactive DOM windows in WebKit.
- A logic issue existed in the handling of cookies in Private Browsing mode.
Affected
Safari versions prior to 5.1.1 on Mac OS X/Mac OS X Server 10.6.8
References
Updated on 2017-03-28
Severity
Classification
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C