Safari < 5.0.3 Multiple Vulnerabilities

2010-11-1800:00:00

www.tenable.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.906

Percentile

98.9%

JSON

The version of Safari installed on the remote Windows host is earlier than 5.0.3. As such, it is potentially affected by numerous issues in its WebKit component that could allow arbitrary code execution, session tracking, address bar spoofing, and other sorts of attacks.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(50654);
  script_version("1.14");
  script_cvs_date("Date: 2018/07/27 18:38:15");

  script_cve_id(
    "CVE-2010-1812",
    "CVE-2010-1813",
    "CVE-2010-1814",
    "CVE-2010-1815",
    "CVE-2010-1822",
    "CVE-2010-3116",
    "CVE-2010-3257",
    "CVE-2010-3259",
    "CVE-2010-3803",
    "CVE-2010-3804",
    "CVE-2010-3805",
    "CVE-2010-3808",
    "CVE-2010-3809",
    "CVE-2010-3810",
    "CVE-2010-3811",
    "CVE-2010-3812",
    "CVE-2010-3813",
    "CVE-2010-3816",
    "CVE-2010-3817",
    "CVE-2010-3818",
    "CVE-2010-3819",
    "CVE-2010-3820",
    "CVE-2010-3821",
    "CVE-2010-3822",
    "CVE-2010-3823",
    "CVE-2010-3824",
    "CVE-2010-3826"
  );
  script_bugtraq_id(
    43079,
    43081,
    43083,
    44200,
    44206,
    44950,
    44952,
    44953,
    44954,
    44955,
    44956,
    44957,
    44958,
    44959,
    44960,
    44961,
    44962,
    44963,
    44964,
    44965,
    44967,
    44969,
    44970,
    44971
  );

  script_name(english:"Safari < 5.0.3 Multiple Vulnerabilities");
  script_summary(english:"Checks Safari's version number");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote host contains a web browser that is affected by several
vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The version of Safari installed on the remote Windows host is earlier
than 5.0.3.  As such, it is potentially affected by numerous issues in
its WebKit component that could allow arbitrary code execution, session
tracking, address bar spoofing, and other sorts of attacks."
  );
  script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT4455");
  script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2010/Nov/msg00002.html");
  script_set_attribute(attribute:"solution", value:"Upgrade to Safari 5.0.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/09/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/11/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:safari");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("safari_installed.nasl");
  script_require_keys("SMB/Safari/FileVersion");

  exit(0);
}


include("global_settings.inc");
include("misc_func.inc");


version = get_kb_item_or_exit("SMB/Safari/FileVersion");

version_ui = get_kb_item("SMB/Safari/ProductVersion");
if (isnull(version_ui)) version_ui = version;

if (ver_compare(ver:version, fix:"5.33.19.4") == -1)
{
  if (report_verbosity > 0)
  {
    path = get_kb_item("SMB/Safari/Path");
    if (isnull(path)) path = "n/a";

    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version_ui +
      '\n  Fixed version     : 5.0.3 (7533.19.4)\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
}
else exit(0, "The remote host is not affected since Safari " + version_ui + " is installed.");