Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0123

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2009-0123
Last Modified 22 Jan 2009 01:46:15
Published 15 Jan 2009 12:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0123

Summary

Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to read arbitrary files on a client machine via vectors related to the association of Safari with the (1) feed, (2) feeds, and (3) feedsearch URL types for RSS feeds. NOTE: as of 20090114, the only disclosure is a vague pre-advisory. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Vulnerable Systems

Application

  • Apple Safari


References

XF - safari-rss-feed-info-disclosure(47917)

SECTRACK - 1021581

BID - 33234

SECUNIA - 33458

MISC - http://isc.sans.org/diary.html?storyid=5689

MISC - http://brian.mastenbrook.net/display/27


Last Updated: 27 May 2016 10:50:07