Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0162

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0162
Last Modified 16 May 2009 12:00:00
Published 13 May 2009 11:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0162

Summary

Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL.

Vulnerable Systems

Application

  • Apple Safari 0.8

  • Apple Safari 0.9

  • Apple Safari 1.0

  • Apple Safari 1.0.0

  • Apple Safari 1.0.0b1

  • Apple Safari 1.0.0b2

  • Apple Safari 1.0.1

  • Apple Safari 1.0.2

  • Apple Safari 1.0.3

  • Apple Safari 1.1

  • Apple Safari 1.1.0

  • Apple Safari 1.1.1

  • Apple Safari 1.2

  • Apple Safari 1.2.0

  • Apple Safari 1.2.1

  • Apple Safari 1.2.2

  • Apple Safari 1.2.3

  • Apple Safari 1.2.4

  • Apple Safari 1.2.5

  • Apple Safari 1.3

  • Apple Safari 1.3.0

  • Apple Safari 1.3.1

  • Apple Safari 1.3.2

  • Apple Safari 2

  • Apple Safari 2.0

  • Apple Safari 2.0.0

  • Apple Safari 2.0.1

  • Apple Safari 2.0.2

  • Apple Safari 2.0.3

  • Apple Safari 2.0.4

  • Apple Safari 3

  • Apple Safari 3.0

  • Apple Safari 3.0.0

  • Apple Safari 3.0.1

  • Apple Safari 3.0.2

  • Apple Safari 3.0.3

  • Apple Safari 3.0.4

  • Apple Safari 3.1

  • Apple Safari 3.1.0

  • Apple Safari 3.1.1

  • Apple Safari 3.1.2

  • Apple Safari 3.2

  • Apple Safari 3.2.0

  • Apple Safari 3.2.1

  • Apple Safari 3.2.2

  • Apple Safari 4.0


References

CERT - TA09-133A

CONFIRM - http://support.apple.com/kb/HT3549

APPLE - APPLE-SA-2009-05-12

XF - safari-feedurl-code-execution(50476)

VUPEN - ADV-2009-1298

VUPEN - ADV-2009-1297

SECTRACK - 1022206

BID - 34925

CONFIRM - http://support.apple.com/kb/HT3550

SECUNIA - 35074

SECUNIA - 35056

Related Patches

Apple 2009-05-12 Mac OS X 10.5.7 Combo Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Update

Apple 2009-05-12 Mac OS X 10.5.7 Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Combo Update

Apple 2009-05-12 Safari Update 3.2.3 (Leopard)


Last Updated: 27 May 2016 10:50:08