var-200603-0277
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. Apple Safari is vulnerable to a stack-based buffer overflow. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Apple has released Security Update 2006-001 to address multiple remote and local Mac OS X vulnerabilities. Apple has also released updates to address these issues. There is a directory traversal vulnerability in the implementation of this framework, which allows an attacker to decompress files to any location writable by the current user. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. Solution
Since there is no known patch for this issue at this time, US-CERT is recommending a workaround.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. This can be exploited via a specially crafted email containing an attachment of an ostensibly safe file type (e.g. ".jpg") to execute arbitrary shell commands when the attachment is double-clicked.
SOLUTION: Do not open attachments from untrusted sources.
1) Various security issues exist in the PHP Apache module and scripting environment.
For more information: SA17371
2) An error in automount makes it possible for malicious file servers to cause a vulnerable system to mount file systems with reserved names, which can cause a DoS (Denial of Service) or potentially allow arbitrary code execution.
3) An input validation error in the BOM framework when unpacking certain archives can be exploited to cause files to be unpacked to arbitrary locations via directory traversal attacks.
4) The "passwd" program creates temporary files insecurely, which can be exploited via symlink attacks to create or overwrite arbitrary files with "root" privileges.
5) User directories are insecurely mounted when a FileVault image is created, which may allow unauthorised access to files.
6) An error in IPSec when handling certain error conditions can be exploited to cause a DoS against VPN connections.
7) An error in the LibSystem component can be exploited by malicious people to cause a heap-based buffer overflow via applications when requesting large amounts of memory.
8) The "Download Validation" in the Mail component fails to warn users about unsafe file types when an e-mail attachment is double-clicked.
9) In certain cases a Perl program may fail to drop privileges.
For more information: SA17922
10) A boundary error in rsync can be exploited by authenticated users to cause a heap-based buffer overflow when it's allowed to transfer extended attributes.
11) A boundary error in WebKit's handling of certain HTML can be exploited to cause a heap-based buffer overflow.
12) A boundary error in Safari when parsing JavaScript can be exploited to cause a stack-based buffer overflow and allows execution of arbitrary code when a malicious web page including specially crafted JavaScript is viewed.
13) An error in Safari's security model when handling HTTP redirection can be exploited to execute JavaScript in the local domain via a specially crafted web site.
14) An error in Safari / LaunchServices may cause a malicious application to appear as a safe file type. This may cause a malicious file to be executed automatically when the "Open safe files after downloading" option is enabled.
SOLUTION: Apply Security Update 2006-001.
Mac OS X 10.4.5 (PPC): http://www.apple.com/support/downloads/securityupdate2006001macosx1045ppc.html
Mac OS X 10.4.5 Client (Intel): http://www.apple.com/support/downloads/securityupdate2006001macosx1045clientintel.html
Mac OS X 10.3.9 Client: http://www.apple.com/support/downloads/securityupdate20060011039client.html
Mac OS X 10.3.9 Server: http://www.apple.com/support/downloads/securityupdate20060011039server.html
PROVIDED AND/OR DISCOVERED BY: 3) The vendor credits St\xe9phane Kardas, CERTA. 4) Vade 79 (the vendor also credits Ilja van Sprundel and iDEFENSE). 6) The vendor credits OUSPG from the University of Oulu, NISCC, and CERT-FI. 7) The vendor credits Neil Archibald, Suresec LTD. 10) The vendor credits Jan-Derk Bakker. 11) The vendor credits Suresec LTD.
ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=303382
Vade79: http://fakehalo.us/xosx-passwd.pl
OTHER REFERENCES: SA18963: http://secunia.com/advisories/18963/
SA17922: http://secunia.com/advisories/17922/
SA17371: http://secunia.com/advisories/17371/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. In certain cases, this may cause the system to become unresponsive. Other applications that use the parser may also be affected. Impacts of other vulnerabilities include bypassing security restrictions and denial of service.
I. As further information becomes available, we will publish individual Vulnerability Notes. In addition, more information about VU#999708 is available in US-CERT Technical Cyber Security Alert TA06-053A.
II. Impact
The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes.
III.
Appendix A. References
* US-CERT Vulnerability Note VU#999708 -
<http://www.kb.cert.org/vuls/id/999708>
* US-CERT Vulnerability Note VU#351217 -
<http://www.kb.cert.org/vuls/id/351217>
* US-CERT Vulnerability Note VU#176732 -
<http://www.kb.cert.org/vuls/id/176732>
* US-CERT Technical Cyber Security Alert TA06-053A -
<http://www.us-cert.gov/cas/techalerts/TA06-053A.html>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>
* Apple Security Update 2006-001 -
<http://docs.info.apple.com/article.html?artnum=303382>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-062A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA06-062A Feedback VU#351217" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2006 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
March 3, 2006: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRAiYnH0pj593lg50AQIdzggAxPbhEKlYyJUdTNqDBGSI+GAQ2oRY9WFx i+2yy5B34IvwyWt04Wb9PxgbCeWHbw9zc8X5xRPZEA/nVQWX/nnz20Tnap8ZRZUC bqlzo9pz2P+TOm3SBKUlZ+Rl0xTUTBJus78oiczzLu/Fy1oB8obC3qfwNDdrykXc i2MupUdRbZ5azrzDmzJGZktpVwJjM9UbXypbwsa1vg5+pAcRf4N0939kcjBML6LH B1jKz3PF0DLX/THj0sAq5PwiE82jCtop1hpD8zVWJOLGX1lbxhcHVLbiFiKaaF7u lKvIAf6ec9h+MQDwAnuA2uaYaQSwofCiWdOPAlueMzq23Ultlinz4g== =5Ooe -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200603-0277",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#351217"
},
{
"db": "CERT/CC",
"id": "VU#433819"
},
{
"db": "CERT/CC",
"id": "VU#176732"
},
{
"db": "BID",
"id": "16907"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
},
{
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "St\u00e9phane Kardas",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
}
],
"trust": 0.6
},
"cve": "CVE-2006-0389",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2006-0389",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "VHN-16497",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-0389",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#351217",
"trust": 0.8,
"value": "17.21"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#433819",
"trust": 0.8,
"value": "9.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#176732",
"trust": 0.8,
"value": "17.21"
},
{
"author": "CNNVD",
"id": "CNNVD-200603-034",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-16497",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#351217"
},
{
"db": "CERT/CC",
"id": "VU#433819"
},
{
"db": "CERT/CC",
"id": "VU#176732"
},
{
"db": "VULHUB",
"id": "VHN-16497"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
},
{
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. Apple Safari is vulnerable to a stack-based buffer overflow. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Apple has released Security Update 2006-001 to address multiple remote and local Mac OS X vulnerabilities. \nApple has also released updates to address these issues. There is a directory traversal vulnerability in the implementation of this framework, which allows an attacker to decompress files to any location writable by the current user. If the user is logged\n on with administrative privileges, the attacker could take complete\n control of an affected system. Solution\n\n Since there is no known patch for this issue at this time, US-CERT is\n recommending a workaround. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. This can be exploited via a specially\ncrafted email containing an attachment of an ostensibly safe file type\n(e.g. \".jpg\") to execute arbitrary shell commands when the attachment\nis double-clicked. \n\nSOLUTION:\nDo not open attachments from untrusted sources. \n\n1) Various security issues exist in the PHP Apache module and\nscripting environment. \n\nFor more information:\nSA17371\n\n2) An error in automount makes it possible for malicious file servers\nto cause a vulnerable system to mount file systems with reserved\nnames, which can cause a DoS (Denial of Service) or potentially allow\narbitrary code execution. \n\n3) An input validation error in the BOM framework when unpacking\ncertain archives can be exploited to cause files to be unpacked to\narbitrary locations via directory traversal attacks. \n\n4) The \"passwd\" program creates temporary files insecurely, which can\nbe exploited via symlink attacks to create or overwrite arbitrary\nfiles with \"root\" privileges. \n\n5) User directories are insecurely mounted when a FileVault image is\ncreated, which may allow unauthorised access to files. \n\n6) An error in IPSec when handling certain error conditions can be\nexploited to cause a DoS against VPN connections. \n\n7) An error in the LibSystem component can be exploited by malicious\npeople to cause a heap-based buffer overflow via applications when\nrequesting large amounts of memory. \n\n8) The \"Download Validation\" in the Mail component fails to warn\nusers about unsafe file types when an e-mail attachment is\ndouble-clicked. \n\n9) In certain cases a Perl program may fail to drop privileges. \n\nFor more information:\nSA17922\n\n10) A boundary error in rsync can be exploited by authenticated users\nto cause a heap-based buffer overflow when it\u0027s allowed to transfer\nextended attributes. \n\n11) A boundary error in WebKit\u0027s handling of certain HTML can be\nexploited to cause a heap-based buffer overflow. \n\n12) A boundary error in Safari when parsing JavaScript can be\nexploited to cause a stack-based buffer overflow and allows execution\nof arbitrary code when a malicious web page including specially\ncrafted JavaScript is viewed. \n\n13) An error in Safari\u0027s security model when handling HTTP\nredirection can be exploited to execute JavaScript in the local\ndomain via a specially crafted web site. \n\n14) An error in Safari / LaunchServices may cause a malicious\napplication to appear as a safe file type. This may cause a malicious\nfile to be executed automatically when the \"Open safe files after\ndownloading\" option is enabled. \n\nSOLUTION:\nApply Security Update 2006-001. \n\nMac OS X 10.4.5 (PPC):\nhttp://www.apple.com/support/downloads/securityupdate2006001macosx1045ppc.html\n\nMac OS X 10.4.5 Client (Intel):\nhttp://www.apple.com/support/downloads/securityupdate2006001macosx1045clientintel.html\n\nMac OS X 10.3.9 Client:\nhttp://www.apple.com/support/downloads/securityupdate20060011039client.html\n\nMac OS X 10.3.9 Server:\nhttp://www.apple.com/support/downloads/securityupdate20060011039server.html\n\nPROVIDED AND/OR DISCOVERED BY:\n3) The vendor credits St\\xe9phane Kardas, CERTA. \n4) Vade 79 (the vendor also credits Ilja van Sprundel and iDEFENSE). \n6) The vendor credits OUSPG from the University of Oulu, NISCC, and\nCERT-FI. \n7) The vendor credits Neil Archibald, Suresec LTD. \n10) The vendor credits Jan-Derk Bakker. \n11) The vendor credits Suresec LTD. \n\nORIGINAL ADVISORY:\nApple:\nhttp://docs.info.apple.com/article.html?artnum=303382\n\nVade79:\nhttp://fakehalo.us/xosx-passwd.pl\n\nOTHER REFERENCES:\nSA18963:\nhttp://secunia.com/advisories/18963/\n\nSA17922:\nhttp://secunia.com/advisories/17922/\n\nSA17371:\nhttp://secunia.com/advisories/17371/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. In certain cases, this may cause the system to become\nunresponsive. Other applications that use the\nparser may also be affected. Impacts of\n other vulnerabilities include bypassing security restrictions and\n denial of service. \n\n\nI. As further information becomes\n available, we will publish individual Vulnerability Notes. In\n addition, more information about VU#999708 is available in US-CERT\n Technical Cyber Security Alert TA06-053A. \n\n\nII. Impact\n\n The impacts of these vulnerabilities vary. For information about\n specific impacts, please see the Vulnerability Notes. \n\n\nIII. \n\n\nAppendix A. References\n\n * US-CERT Vulnerability Note VU#999708 -\n \u003chttp://www.kb.cert.org/vuls/id/999708\u003e\n\n * US-CERT Vulnerability Note VU#351217 -\n \u003chttp://www.kb.cert.org/vuls/id/351217\u003e\n\n * US-CERT Vulnerability Note VU#176732 -\n \u003chttp://www.kb.cert.org/vuls/id/176732\u003e\n\n * US-CERT Technical Cyber Security Alert TA06-053A -\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-053A.html\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/#Safari\u003e\n\n * Apple Security Update 2006-001 -\n \u003chttp://docs.info.apple.com/article.html?artnum=303382\u003e\n\n * Mac OS X: Updating your software -\n \u003chttp://docs.info.apple.com/article.html?artnum=106704\u003e\n\n\n ____________________________________________________________________\n \n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-062A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA06-062A Feedback VU#351217\" in the\n subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\n\nRevision History\n\n March 3, 2006: Initial release\n \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRAiYnH0pj593lg50AQIdzggAxPbhEKlYyJUdTNqDBGSI+GAQ2oRY9WFx\ni+2yy5B34IvwyWt04Wb9PxgbCeWHbw9zc8X5xRPZEA/nVQWX/nnz20Tnap8ZRZUC\nbqlzo9pz2P+TOm3SBKUlZ+Rl0xTUTBJus78oiczzLu/Fy1oB8obC3qfwNDdrykXc\ni2MupUdRbZ5azrzDmzJGZktpVwJjM9UbXypbwsa1vg5+pAcRf4N0939kcjBML6LH\nB1jKz3PF0DLX/THj0sAq5PwiE82jCtop1hpD8zVWJOLGX1lbxhcHVLbiFiKaaF7u\nlKvIAf6ec9h+MQDwAnuA2uaYaQSwofCiWdOPAlueMzq23Ultlinz4g==\n=5Ooe\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0389"
},
{
"db": "CERT/CC",
"id": "VU#351217"
},
{
"db": "CERT/CC",
"id": "VU#433819"
},
{
"db": "CERT/CC",
"id": "VU#176732"
},
{
"db": "BID",
"id": "16907"
},
{
"db": "VULHUB",
"id": "VHN-16497"
},
{
"db": "PACKETSTORM",
"id": "44162"
},
{
"db": "PACKETSTORM",
"id": "61082"
},
{
"db": "PACKETSTORM",
"id": "44297"
},
{
"db": "PACKETSTORM",
"id": "42522"
},
{
"db": "PACKETSTORM",
"id": "44362"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "19064",
"trust": 3.4
},
{
"db": "USCERT",
"id": "TA06-062A",
"trust": 2.6
},
{
"db": "BID",
"id": "16907",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2006-0389",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "23649",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-0791",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "18220",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#351217",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "27785",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#176732",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#433819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200603-034",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA06-062A",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2006-03-01",
"trust": 0.6
},
{
"db": "XF",
"id": "25040",
"trust": 0.6
},
{
"db": "USCERT",
"id": "TA06-053A",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#999708",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-16497",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "44162",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61082",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "44297",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "44362",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#351217"
},
{
"db": "CERT/CC",
"id": "VU#433819"
},
{
"db": "CERT/CC",
"id": "VU#176732"
},
{
"db": "VULHUB",
"id": "VHN-16497"
},
{
"db": "BID",
"id": "16907"
},
{
"db": "PACKETSTORM",
"id": "44162"
},
{
"db": "PACKETSTORM",
"id": "61082"
},
{
"db": "PACKETSTORM",
"id": "44297"
},
{
"db": "PACKETSTORM",
"id": "42522"
},
{
"db": "PACKETSTORM",
"id": "44362"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
},
{
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"id": "VAR-200603-0277",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16497"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T19:56:11.527000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://docs.info.apple.com/article.html?artnum=303382"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-062a.html"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/19064/"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2006/mar/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16907"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/23649"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19064"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/0791"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25040"
},
{
"trust": 0.9,
"url": "http://security-protocols.com/advisory/sp-x22-advisory.txt"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/18220/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/27785/"
},
{
"trust": 0.8,
"url": "http://webkit.opendarwin.org/"
},
{
"trust": 0.8,
"url": "http://www.heise-security.co.uk/news/99257 "
},
{
"trust": 0.8,
"url": "http://www.cert.org/homeusers/email-attachments.html"
},
{
"trust": 0.8,
"url": "http://www.apple.com/macosx/features/mail.html"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc1740"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0791"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25040"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://www.suresec.org/advisories/adv11.pdf"
},
{
"trust": 0.3,
"url": "/archive/1/426586"
},
{
"trust": 0.3,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.3,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://www.kb.cert.org/vuls/id/999708\u003e"
},
{
"trust": 0.2,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-053a.html\u003e"
},
{
"trust": 0.2,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.2,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/macosx/features/safari/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#sgeneral\u003e"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://www.heise-security.co.uk/news/99257"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/17922/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate2006001macosx1045clientintel.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate20060011039server.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18963/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate2006001macosx1045ppc.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/17371/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/securityupdate20060011039client.html"
},
{
"trust": 0.1,
"url": "http://fakehalo.us/xosx-passwd.pl"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/176732\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-062a.html\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/351217\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#safari\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=303382\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#351217"
},
{
"db": "CERT/CC",
"id": "VU#433819"
},
{
"db": "CERT/CC",
"id": "VU#176732"
},
{
"db": "VULHUB",
"id": "VHN-16497"
},
{
"db": "BID",
"id": "16907"
},
{
"db": "PACKETSTORM",
"id": "44162"
},
{
"db": "PACKETSTORM",
"id": "61082"
},
{
"db": "PACKETSTORM",
"id": "44297"
},
{
"db": "PACKETSTORM",
"id": "42522"
},
{
"db": "PACKETSTORM",
"id": "44362"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
},
{
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#351217"
},
{
"db": "CERT/CC",
"id": "VU#433819"
},
{
"db": "CERT/CC",
"id": "VU#176732"
},
{
"db": "VULHUB",
"id": "VHN-16497"
},
{
"db": "BID",
"id": "16907"
},
{
"db": "PACKETSTORM",
"id": "44162"
},
{
"db": "PACKETSTORM",
"id": "61082"
},
{
"db": "PACKETSTORM",
"id": "44297"
},
{
"db": "PACKETSTORM",
"id": "42522"
},
{
"db": "PACKETSTORM",
"id": "44362"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
},
{
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-03T00:00:00",
"db": "CERT/CC",
"id": "VU#351217"
},
{
"date": "2007-11-27T00:00:00",
"db": "CERT/CC",
"id": "VU#433819"
},
{
"date": "2006-03-03T00:00:00",
"db": "CERT/CC",
"id": "VU#176732"
},
{
"date": "2006-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-16497"
},
{
"date": "2006-03-01T00:00:00",
"db": "BID",
"id": "16907"
},
{
"date": "2006-02-26T03:08:24",
"db": "PACKETSTORM",
"id": "44162"
},
{
"date": "2007-11-26T16:56:43",
"db": "PACKETSTORM",
"id": "61082"
},
{
"date": "2006-03-02T21:01:19",
"db": "PACKETSTORM",
"id": "44297"
},
{
"date": "2005-12-23T08:37:20",
"db": "PACKETSTORM",
"id": "42522"
},
{
"date": "2006-03-06T09:45:32",
"db": "PACKETSTORM",
"id": "44362"
},
{
"date": "2005-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-034"
},
{
"date": "2006-03-03T22:02:00",
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-06T00:00:00",
"db": "CERT/CC",
"id": "VU#351217"
},
{
"date": "2007-11-27T00:00:00",
"db": "CERT/CC",
"id": "VU#433819"
},
{
"date": "2006-03-03T00:00:00",
"db": "CERT/CC",
"id": "VU#176732"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-16497"
},
{
"date": "2006-04-11T19:02:00",
"db": "BID",
"id": "16907"
},
{
"date": "2006-03-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-034"
},
{
"date": "2024-11-21T00:06:21.117000",
"db": "NVD",
"id": "CVE-2006-0389"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "44162"
},
{
"db": "PACKETSTORM",
"id": "44362"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari WebKit component vulnerable to buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#351217"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200603-034"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…