ID

VAR-200806-0424

CVE

CVE-2008-2306

TITLE

Apple Safari automatically executes downloaded files based on Internet Explorer zone settings

DESCRIPTION

Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files. Windows Edition Safari Is Internet Explorer There is a problem of automatically executing the downloaded file depending on the setting contents. As a result, a remote attacker may execute arbitrary code. Apple Safari is prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to run arbitrary code with the privileges of the user running the affected application. This issue affects versions prior to Apple Safari 3.1.2 running on Microsoft Windows XP and Windows Vista. Safari is the web browser bundled by default in the Apple family operating system. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Apple Safari for Windows Multiple Vulnerabilities SECUNIA ADVISORY ID: SA30775 VERIFY ADVISORY: http://secunia.com/advisories/30775/ CRITICAL: Highly critical IMPACT: Exposure of sensitive information, System access WHERE: >From remote REVISION: 1.1 originally posted 2008-06-20 SOFTWARE: Safari for Windows 3.x http://secunia.com/product/17978/ DESCRIPTION: Some vulnerabilities and a security issue have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information or to compromise a user's system. 1) A boundary error within the handling of BMP and GIF images can be exploited to trigger an out-of-bounds read and disclose content in memory. 3) An unspecified error in the handling of Javascript arrays can be exploited to cause a memory corruption when a user visits a specially crafted web page. SOLUTION: Update to version 3.1.2. http://www.apple.com/support/downloads/safari312forwindows.html PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Gynvael Coldwind, Hispasec 2) Will Dormann, CERT/CC 3) James Urquhart CHANGELOG: 2008-06-20: Added link to US-CERT. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT2092 US-CERT VU#127185: http://www.kb.cert.org/vuls/id/127185 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

permissions and access control

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Will Dormann

SOURCES

LAST UPDATE DATE

2025-04-10T22:39:55.168000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE