Apple Safari Webkit Multiple Vulnerabilities - March 2011

Information

Severity: Medium

Family: General

CVSSv2 Base: 5.8

CVSSv2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Solution Type: Vendor Patch

Created: 13 years ago

Modified: 5 years ago

Summary

The Apple Safari web browser is installed on the host and is prone to multiple vulnerabilities.

Insight

- An error in the WebKit component when handling redirects during HTTP Basic Authentication can be exploited to disclose the credentials to another site.
- An error in the WebKit component when handling the Attr.style accessor can be exploited to inject an arbitrary Cascading Style Sheet (CSS) into another document.
- A type checking error in the WebKit component when handling cached resources can be exploited to poison the cache and prevent certain resources from being requested.
- An error in the WebKit component when handling HTML5 drag and drop operations across different origins can be exploited to disclose certain content to another site.
- An error in the tracking of window origins within the WebKit component can be exploited to disclose the content of files to a remote server.
- Input passed to the 'window.console._inspectorCommandLineAPI' property while browsing using the Web Inspector is not properly sanitised before being returned to the user.

Affected Software

Apple Safari versions prior to 5.0.4

Solution

Upgrade to Apple Safari version 5.0.4 or later.