Soluzioni per la vulnerabilità
 |
scansioni aggiunte negli ultimi 7 giorni |
| La Scansione Vulnerabilità periodica di Nimsoft Cloud Monitor verifica le vulnerabilità riportate qui sotto. Per visualizzare le soluzioni per la vulnerabilità più recenti scansionate da WatchMouse, visitare la pagina sulla panoramica delle Soluzioni per la vulnerabilità |
| Categoria: MacOS X Local Security Checks | Fattore di rischio: High | Aggiunto il: 13 mar 2010 |
| Synopsis: The remote host contains a web browser that is affected by several vulnerabilities. Description: The version of Safari installed on the remote Mac OS X host is earlier than 4.0.5. Such versions are potentially affected by several issues : - An implementation issue in the handling of cookies set by RSS and Atom feeds could result in a cookie being set when visiting or updating a feed even if Safari is configured to block cookies via the 'Accept Cookies' preference. (CVE-2010-0044) - A memory corruption issue in WebKit's handling of CSS format() arguments could lead to a crash or arbitrary code execution. (CVE-2010-0046) - A use-after-free issue in the handling of HTML object element fallback content could lead to a crash or arbitrary code execution. (CVE-2010-0047) - A use-after-free issue in WebKit's parsing of XML documents could lead to a crash or arbitrary code execution. (CVE-2010-0048) - A use-after-free issue in the handling of HTML elements containing right-to-left displayed text could lead to a crash or arbitrary code execution. (CVE-2010-0049) - A use-after-free issue in WebKit's handling of incorrectly nested HTML tags could lead to a crash or arbitrary code execution. (CVE-2010-0050) - An implementation issue in WebKit's handling of cross- origin stylesheet requests when visiting a malicious website could result in disclosure of the content of protected resources on another website. (CVE-2010-0051) - A use-after-free issue in WebKit's handling of callbacks for HTML elements could lead to a crash or arbitrary code execution. (CVE-2010-0052) - A use-after-free issue in the rendering of content with a CSS display property set to 'run-in' could lead to a crash or arbitrary code execution. (CVE-2010-0053) - A use-after-free issue in WebKit's handling of HTML image elements could lead to a crash or arbitrary code execution. (CVE-2010-0054) See also: http://support.apple.com/kb/HT4070 http://lists.apple.com/archives/security-announce/2010/mar/msg00000.html http://www.securityfocus.com/advisories/19255 Solution: Upgrade to Safari 4.0.5 or later. Risk factor: High / CVSS Base Score : 9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C) |
||
