Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:3452
HistoryJun 22, 2008 - 12:00 a.m.

Apple Safari自动启动可执行程序漏洞

2008-06-2200:00:00
Root
www.seebug.org
20

EPSS

0.011

Percentile

84.3%

JSON

BUGTRAQ ID: 29835
CVE(CAN) ID: CVE-2008-2306

Safari是苹果家族操作系统中默认捆绑的WEB浏览器。

Safari处理信任站点的方式上存在漏洞,如果用户所访问的站点是Internet Explorer 7中“启动应用程序和不安全文件”设置为“启用”的站点,或Internet Explorer 6中“本地Intranet”或“可信任站点”区中的站点,则安装在Windows平台上的Safari就会自动启动从该站点所下载的可执行文件。

Apple Safari <= 3.1.1
- Microsoft Windows XP SP3
- Microsoft Windows XP SP2
- Microsoft Windows Vista
Apple

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.apple.com/safari/download/” target=“_blank”>http://www.apple.com/safari/download/</a>

Related

cve 1
nvd 1
cvelist 1
prion 1
cert 1
openvas 2
nessus 2
cve
cve
CVE-2008-2306
2008-06-23 20:41:00
nvd
nvd
CVE-2008-2306
2008-06-23 20:41:00
cvelist
cvelist
CVE-2008-2306
2008-06-23 20:00:00
prion
prion
Design/Logic Flaw
2008-06-23 20:41:00
cert
cert
Apple Safari automatically executes downloaded files based on Internet Explorer zone settings
2008-06-20 00:00:00
openvas
openvas
Apple Safari for Windows Multiple Vulnerabilities (Jul 2008)
2008-08-22 00:00:00
Apple Safari for Windows Multiple Vulnerabilities July-08
2008-08-22 00:00:00
nessus
nessus
Safari < 3.1.2 Multiple Vulnerabilities
2008-06-20 00:00:00
Safari < 3.1.2 Multiple Vulnerabilities
2004-08-18 00:00:00

EPSS

0.011

Percentile

84.3%

JSON
Related for SSV:3452
cve1nvd1cvelist1prion1cert1openvas2nessus2