Summary
The host is running Apple Safari web browser and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let the attacker execute arbitrary code and can cause XSS, buffer overflow, JavaScript code injection and denial of service in the context of an affected system.
Impact level: System/Application
Solution
Upgrade to Safari version 3.2.3 or later
http://www.apple.com/safari/download
Insight
The browser has an input validation error when handling 'feed:' protocol based URLs, which allows injection of arbitrary code.
Affected
Apple Safari versions prior to 3.2.3 and 4 Beta on Windows
References
Severity
Classification
- CVE: CVE-2009-0162
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N