Lucene search
HistoryJun 10, 2009 - 6:00 p.m.
CVE-2009-1708
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
High
EPSS
0.033
Percentile
91.4%
Apple Safari before 4.0 does not prevent calls to the open-help-anchor URL handler by web sites, which allows remote attackers to open arbitrary local help files, and execute arbitrary code or obtain sensitive information, via a crafted call.
Affected configurations
Node
applesafariRange≤4.0_beta-mac
ORapplesafariMatch0.8-mac
ORapplesafariMatch0.9-mac
ORapplesafariMatch1.0-mac
ORapplesafariMatch1.0.3-mac
ORapplesafariMatch1.1-mac
ORapplesafariMatch1.2-mac
ORapplesafariMatch1.3-mac
ORapplesafariMatch1.3.1-mac
ORapplesafariMatch1.3.2-mac
ORapplesafariMatch2.0-mac
ORapplesafariMatch2.0.2-mac
ORapplesafariMatch2.0.4-mac
ORapplesafariMatch3.0-mac
ORapplesafariMatch3.0.2-mac
ORapplesafariMatch3.0.3-mac
ORapplesafariMatch3.0.4-mac
ORapplesafariMatch3.1-mac
ORapplesafariMatch3.1.1-mac
ORapplesafariMatch3.1.2-mac
ORapplesafariMatch3.2.1-mac
ORapplesafariMatch3.2.3-mac
Node
applesafariRange≤3.2.3-windows
ORapplesafariMatch3.0-windows
ORapplesafariMatch3.0.1-windows
ORapplesafariMatch3.0.2-windows
ORapplesafariMatch3.0.3-windows
ORapplesafariMatch3.0.4-windows
ORapplesafariMatch3.1-windows
ORapplesafariMatch3.1.1-windows
ORapplesafariMatch3.1.2-windows
ORapplesafariMatch3.2-windows
ORapplesafariMatch3.2.1-windows
ORapplesafariMatch3.2.2-windows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | safari | * | cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:* |
| apple | safari | 0.8 | cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:* |
| apple | safari | 0.9 | cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:* |
| apple | safari | 1.0 | cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:* |
| apple | safari | 1.0.3 | cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:* |
| apple | safari | 1.1 | cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:* |
| apple | safari | 1.2 | cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:* |
| apple | safari | 1.3 | cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:* |
| apple | safari | 1.3.1 | cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:* |
| apple | safari | 1.3.2 | cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2009-06-10 18:00:00
cvelist
cvelist
CVE-2009-1708
2009-06-10 17:37:00
cve
cve
CVE-2009-1708
2009-06-10 18:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities - 01 - (Jun 2009) - Windows
2009-06-16 00:00:00
Apple Safari Multiple Vulnerabilities June-09 (Windows) - I
2009-06-16 00:00:00
seebug
seebug
Apple Safari 4.0多个安全漏洞
2009-06-11 00:00:00
nessus
nessus
Mac OS X : Apple Safari < 4.0
2009-06-09 00:00:00
Safari < 4.0 Multiple Vulnerabilities
2009-06-09 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
High
EPSS
0.033
Percentile
91.4%
Related for NVD:CVE-2009-1708