Apple Safari Libxml Denial Of Service Vulnerability Network Vulnerability

Summary

The host is installed with Apple Safari web browser and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attackers to cause a denial of service. Impact Level: Application

Solution

Upgrade to Apple Safari 5.0.4 or later, For updates refer to http://www.apple.com/support/downloads

Insight

The flaw is due to an error when traversing the XPath axis of certain XML files. This can be exploited to cause a crash when an application using the library processes a specially crafted XML file.

Affected

Apple Safari version 5.0.2 and prior.

References

http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
http://secunia.com/advisories/42175/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4008

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Mac OS X)
AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
Apple Safari 'Webkit' Information Disclosure Vulnerability (Win)
Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Windows)

Apple Safari libxml Denial of Service Vulnerability

Take action and discover your vulnerabilities