var-200806-0424
Vulnerability from variot
Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files. Windows Edition Safari Is Internet Explorer There is a problem of automatically executing the downloaded file depending on the setting contents. As a result, a remote attacker may execute arbitrary code. Apple Safari is prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to run arbitrary code with the privileges of the user running the affected application. This issue affects versions prior to Apple Safari 3.1.2 running on Microsoft Windows XP and Windows Vista. Safari is the web browser bundled by default in the Apple family operating system. ----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/
TITLE: Apple Safari for Windows Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA30775
VERIFY ADVISORY: http://secunia.com/advisories/30775/
CRITICAL: Highly critical
IMPACT: Exposure of sensitive information, System access
WHERE:
From remote
REVISION: 1.1 originally posted 2008-06-20
SOFTWARE: Safari for Windows 3.x http://secunia.com/product/17978/
DESCRIPTION: Some vulnerabilities and a security issue have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information or to compromise a user's system.
1) A boundary error within the handling of BMP and GIF images can be exploited to trigger an out-of-bounds read and disclose content in memory.
3) An unspecified error in the handling of Javascript arrays can be exploited to cause a memory corruption when a user visits a specially crafted web page.
SOLUTION: Update to version 3.1.2. http://www.apple.com/support/downloads/safari312forwindows.html
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Gynvael Coldwind, Hispasec 2) Will Dormann, CERT/CC 3) James Urquhart
CHANGELOG: 2008-06-20: Added link to US-CERT.
ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT2092
US-CERT VU#127185: http://www.kb.cert.org/vuls/id/127185
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200806-0424",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": "safari",
"scope": "lte",
"trust": 0.8,
"vendor": "apple",
"version": "for windows version 3.1.1"
},
{
"model": "windows vista",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#127185"
},
{
"db": "BID",
"id": "29835"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
},
{
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Will Dormann",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
}
],
"trust": 0.6
},
"cve": "CVE-2008-2306",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2008-2306",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-32431",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-2306",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#127185",
"trust": 0.8,
"value": "8.10"
},
{
"author": "NVD",
"id": "CVE-2008-2306",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200806-301",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-32431",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#127185"
},
{
"db": "VULHUB",
"id": "VHN-32431"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
},
{
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files. Windows Edition Safari Is Internet Explorer There is a problem of automatically executing the downloaded file depending on the setting contents. As a result, a remote attacker may execute arbitrary code. Apple Safari is prone to a remote code-execution vulnerability. \nSuccessfully exploiting this issue will allow attackers to run arbitrary code with the privileges of the user running the affected application. \nThis issue affects versions prior to Apple Safari 3.1.2 running on Microsoft Windows XP and Windows Vista. Safari is the web browser bundled by default in the Apple family operating system. ----------------------------------------------------------------------\n\nWant a new job?\n\nhttp://secunia.com/secunia_security_specialist/\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\nInternational Partner Manager - Project Sales in the IT-Security\nIndustry:\nhttp://corporate.secunia.com/about_secunia/64/\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Safari for Windows Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA30775\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/30775/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nExposure of sensitive information, System access\n\nWHERE:\n\u003eFrom remote\n\nREVISION:\n1.1 originally posted 2008-06-20\n\nSOFTWARE:\nSafari for Windows 3.x\nhttp://secunia.com/product/17978/\n\nDESCRIPTION:\nSome vulnerabilities and a security issue have been reported in Apple\nSafari, which can be exploited by malicious people to disclose\nsensitive information or to compromise a user\u0027s system. \n\n1) A boundary error within the handling of BMP and GIF images can be\nexploited to trigger an out-of-bounds read and disclose content in\nmemory. \n\n3) An unspecified error in the handling of Javascript arrays can be\nexploited to cause a memory corruption when a user visits a specially\ncrafted web page. \n\nSOLUTION:\nUpdate to version 3.1.2. \nhttp://www.apple.com/support/downloads/safari312forwindows.html\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Gynvael Coldwind, Hispasec\n2) Will Dormann, CERT/CC\n3) James Urquhart\n\nCHANGELOG:\n2008-06-20: Added link to US-CERT. \n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT2092\n\nUS-CERT VU#127185:\nhttp://www.kb.cert.org/vuls/id/127185\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2306"
},
{
"db": "CERT/CC",
"id": "VU#127185"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"db": "BID",
"id": "29835"
},
{
"db": "VULHUB",
"id": "VHN-32431"
},
{
"db": "PACKETSTORM",
"id": "67541"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#127185",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2008-2306",
"trust": 2.8
},
{
"db": "BID",
"id": "29835",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "30775",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1020329",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1882",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200806-301",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2008-06-19",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-32431",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "67541",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#127185"
},
{
"db": "VULHUB",
"id": "VHN-32431"
},
{
"db": "BID",
"id": "29835"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"db": "PACKETSTORM",
"id": "67541"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
},
{
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"id": "VAR-200806-0424",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-32431"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:06:29.484000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Safari 3.1.2 for Windows",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT2092"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-32431"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/127185"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//jun/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/29835"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020329"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30775"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1882/references"
},
{
"trust": 0.9,
"url": "http://support.apple.com/kb/ht2092"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/en-us/library/ms537183.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2306"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu127185/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2306"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1882/references"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/30775/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/safari312forwindows.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/about_secunia/64/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17978/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#127185"
},
{
"db": "VULHUB",
"id": "VHN-32431"
},
{
"db": "BID",
"id": "29835"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"db": "PACKETSTORM",
"id": "67541"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
},
{
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#127185"
},
{
"db": "VULHUB",
"id": "VHN-32431"
},
{
"db": "BID",
"id": "29835"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"db": "PACKETSTORM",
"id": "67541"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
},
{
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-06-20T00:00:00",
"db": "CERT/CC",
"id": "VU#127185"
},
{
"date": "2008-06-23T00:00:00",
"db": "VULHUB",
"id": "VHN-32431"
},
{
"date": "2008-06-19T00:00:00",
"db": "BID",
"id": "29835"
},
{
"date": "2008-07-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"date": "2008-06-21T01:11:07",
"db": "PACKETSTORM",
"id": "67541"
},
{
"date": "2008-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200806-301"
},
{
"date": "2008-06-23T20:41:00",
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-06-20T00:00:00",
"db": "CERT/CC",
"id": "VU#127185"
},
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-32431"
},
{
"date": "2009-04-29T22:16:00",
"db": "BID",
"id": "29835"
},
{
"date": "2008-07-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001467"
},
{
"date": "2008-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200806-301"
},
{
"date": "2024-11-21T00:46:34.310000",
"db": "NVD",
"id": "CVE-2008-2306"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari automatically executes downloaded files based on Internet Explorer zone settings",
"sources": [
{
"db": "CERT/CC",
"id": "VU#127185"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200806-301"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…