Lucene search
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_SAFARI8_0_6.NASLHistoryMay 08, 2015 - 12:00 a.m.
Mac OS X : Apple Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities
2015-05-0800:00:00
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.6 / 7.1.6 / 8.0.6. It is, therefore, affected by the following vulnerabilities :
-
Multiple memory corruption issues in WebKit due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to cause a denial of service condition or to execute arbitrary code. (CVE-2015-1152, CVE-2015-1153, and CVE-2015-1154)
-
An information disclosure vulnerability in WebKit History exists due to a state management flaw and improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to disclose sensitive information from the file system. (CVE-2015-1155)
-
A flaw exists in WebKit Page Loading due to improper handling of rel attributes in anchor elements that allows target objects to get unauthorized access to link objects. A remote attacker can exploit this, via a specially crafted web page, to spoof the user interface.
(CVE-2015-1156)
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(83291);
script_version("1.7");
script_cvs_date("Date: 2019/11/22");
script_cve_id(
"CVE-2015-1152",
"CVE-2015-1153",
"CVE-2015-1154",
"CVE-2015-1155",
"CVE-2015-1156"
);
script_bugtraq_id(
74523,
74524,
74525,
74526,
74527
);
script_name(english:"Mac OS X : Apple Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities");
script_summary(english:"Checks the Safari version.");
script_set_attribute(attribute:"synopsis", value:
"The remote host has a web browser installed that is affected by
multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Apple Safari installed on the remote Mac OS X host is
prior to 6.2.6 / 7.1.6 / 8.0.6. It is, therefore, affected by the
following vulnerabilities :
- Multiple memory corruption issues in WebKit due to
improper validation of user-supplied input. A remote
attacker can exploit this, via a specially crafted
web page, to cause a denial of service condition or to
execute arbitrary code. (CVE-2015-1152, CVE-2015-1153,
and CVE-2015-1154)
- An information disclosure vulnerability in WebKit
History exists due to a state management flaw and
improper validation of user-supplied input. A remote
attacker can exploit this, via a specially crafted web
page, to disclose sensitive information from the file
system. (CVE-2015-1155)
- A flaw exists in WebKit Page Loading due to improper
handling of rel attributes in anchor elements that
allows target objects to get unauthorized access to link
objects. A remote attacker can exploit this, via a
specially crafted web page, to spoof the user interface.
(CVE-2015-1156)");
script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT204826");
script_set_attribute(attribute:"solution", value:
"Upgrade to Apple Safari 6.2.6 / 7.1.6 / 8.0.6 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-1154");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/06");
script_set_attribute(attribute:"patch_publication_date", value:"2015/05/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:safari");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("macosx_Safari31.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "MacOSX/Safari/Installed");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
os = get_kb_item("Host/MacOSX/Version");
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");
if (!ereg(pattern:"Mac OS X 10\.([89]|10)([^0-9]|$)", string:os)) audit(AUDIT_OS_NOT, "Mac OS X 10.8 / 10.9 / 10.10");
get_kb_item_or_exit("MacOSX/Safari/Installed");
path = get_kb_item_or_exit("MacOSX/Safari/Path", exit_code:1);
version = get_kb_item_or_exit("MacOSX/Safari/Version", exit_code:1);
if ("10.8" >< os)
fixed_version = "6.2.6";
else if ("10.9" >< os)
fixed_version = "7.1.6";
else
fixed_version = "8.0.6";
if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
{
if (report_verbosity > 0)
{
report =
'\n Path : ' + path +
'\n Installed version : ' + version +
'\n Fixed version : ' + fixed_version + '\n';
security_warning(port:0, extra:report);
}
else security_warning(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, "Safari", version, path);
References
Related
securityvulns
securityvulns
Apple Safari / Webkit multiple security vulnerabilities
2015-05-10 00:00:00
APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6
2015-05-10 00:00:00
Apple iOS multiple security vulnerabilities
2015-07-05 00:00:00
nessus
nessus
Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities
2015-09-17 00:00:00
Apple iTunes < 12.2 Multiple Vulnerabilities (credentialed check)
2015-07-03 00:00:00
Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check)
2015-10-26 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities -01 (May 2015) - Mac OS X
2015-05-11 00:00:00
Fedora Update for webkitgtk3 FEDORA-2016-1
2016-03-21 00:00:00
Fedora Update for webkitgtk FEDORA-2016-9
2016-04-11 00:00:00
threatpost
threatpost
Apple Fixes WebKit Vulnerabilities in Safari Browser
2015-05-07 10:49:05
kaspersky
kaspersky
KLA10573 Multiple vulnerabilities in Apple Safari
2015-05-07 00:00:00
KLA10620 Multiple vulnerabilities in Apple iTunes
2015-06-30 00:00:00
KLA10669 Multiple vulnerabilities in Apple iTunes
2015-09-16 00:00:00
prion
prion
Memory corruption
2015-05-08 00:59:00
Memory corruption
2015-05-08 00:59:00
Memory corruption
2015-05-08 00:59:00
cve
cve
cvelist
cvelist
ubuntucve
ubuntucve
nvd
nvd
zdi
zdi
Apple Safari file:// Redirection Sandbox Escape Vulnerabliity
2015-05-15 00:00:00
myhack58
myhack58
fedora
fedora
[SECURITY] Fedora 22 Update: webkitgtk-2.4.10-1.fc22
2016-03-29 19:23:05
[SECURITY] Fedora 23 Update: webkitgtk3-2.4.10-1.fc23
2016-03-21 01:53:49
[SECURITY] Fedora 24 Update: webkitgtk3-2.4.10-1.fc24
2016-03-27 00:38:22
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2016-03-21 00:00:00
mageia
mageia
Updated webkit packages fix security vulnerability
2016-03-25 09:38:37
Updated webkit2 packages fix security vulnerability
2016-03-25 09:38:37
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
Related for MACOSX_SAFARI8_0_6.NASL