var-201205-0398
Vulnerability from variot
WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing of form input, which allows remote attackers to fill in form fields on the pages of arbitrary web sites via unspecified vectors. WebKit is prone to a security-bypass vulnerability. This issue allows a maliciously crafted website to populate form inputs on another website with arbitrary values. Attackers can exploit this issue to bypass security restrictions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A security bypass vulnerability exists in WebKit in Apple Safari version 5.1.7. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Apple Safari Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA47292
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47292/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47292
RELEASE DATE: 2012-05-10
DISCUSS ADVISORY: http://secunia.com/advisories/47292/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47292/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47292
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
1) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit.
This is related to: SA48321 SA48454 (#3) SA48512 (#7)
2) An error related to stage tracking when handling forms can be exploited to populate forms on other websites.
The vulnerabilities are reported in versions prior to 5.1.7.
SOLUTION: Update to version 5.1.7.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Tyler Goen, Andreas \xc5kre Solberg, UNINETT AS, and Aaron Roots, Deakin University ITSD.
ORIGINAL ADVISORY: http://support.apple.com/kb/HT5282
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-05-09-2 Safari 5.1.7
Safari 5.1.7 is now available and addresses the following:
WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-site scripting issues existed in WebKit. CVE-ID CVE-2011-3046 : Sergey Glazunov working with Google's Pwnium contest CVE-2011-3056 : Sergey Glazunov
WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit. CVE-ID CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team
WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to populate form inputs on another website with arbitrary values Description: A state tracking issue existed in WebKit's handling of forms. This update presents the option to install an updated version of Flash Player from the Adobe website.
Safari 5.1.7 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/
Safari for OS X Lion v10.7.4 The download file is named: Safari5.1.7LionManual.dmg Its SHA-1 digest is: 5024eb2e358feb6b87d6eff15438bf7ae99619b4
Safari for Mac OS X v10.6.8 The download file is named: Safari5.1.7SnowLeopardManual.dmg Its SHA-1 digest is: 32d1dca993b455bc5c230caef95ab70c702e6fee
Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: f601df0106987bfffc3f22b046ba835e4f8d29c6
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: 193eaddae1d25dd1b0f8786a810de083fc9280b0
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPqtgCAAoJEGnF2JsdZQeeIvQIAIIbdrlsjYRAiMAEK/o4QwkF M4EIDhqpDPnjDFBcT39vqapEPt4btYp0x+464bNRyU9ex4bY7NGPzaKTS/bdcnXJ BbpmR8rFluCRZ3AIyFSYPvKImsoyp5IZ91lTIxes1E4j+ed1diXEpLlt8Pp4K3Fc w2hao+KBKYCUKcjy49whKC0+6jnQWPoP7lPl9gjVyM/fky4K2J/F2c2saXHTDS9l L3CU4+0jA6INzY2NN2j3jdSZgglLgRcDvF3dAriNhW0Wlyd6ucuTxULbC1cS0mRs w4stMTnMzdgKsy13kE2tBQAf3rguM1PzlJAlOZMw9Ad/O6lU+8uaJ8AmBygVpq4= =x2Jz -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0398",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.4b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0b1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "5.1.6"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "5.1.6"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.5"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.3"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2"
},
{
"model": "open source project webkit r82222",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r77705",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52833",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52401",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r51295",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r38566",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r105591",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "2"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.x"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2-1"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "0"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.5"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
}
],
"sources": [
{
"db": "BID",
"id": "53446"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
},
{
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andreas Akre Solberg of UNINETT AS, Aaron Roots of Deakin University ITSD, Tyler Goe",
"sources": [
{
"db": "BID",
"id": "53446"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
}
],
"trust": 0.9
},
"cve": "CVE-2012-0676",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-0676",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-53957",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-0676",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-0676",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-182",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-53957",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-0676",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53957"
},
{
"db": "VULMON",
"id": "CVE-2012-0676"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
},
{
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing of form input, which allows remote attackers to fill in form fields on the pages of arbitrary web sites via unspecified vectors. WebKit is prone to a security-bypass vulnerability. This issue allows a maliciously crafted website to populate form inputs on another website with arbitrary values. \nAttackers can exploit this issue to bypass security restrictions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A security bypass vulnerability exists in WebKit in Apple Safari version 5.1.7. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Safari Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47292\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47292/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47292\n\nRELEASE DATE:\n2012-05-10\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47292/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47292/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47292\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Apple Safari, which\ncan be exploited by malicious people to conduct cross-site scripting\nattacks, bypass certain security restrictions, and compromise a\nuser\u0027s system. \n\n1) Some vulnerabilities are caused due to a bundled vulnerable\nversion of WebKit. \n\nThis is related to:\nSA48321\nSA48454 (#3)\nSA48512 (#7)\n\n2) An error related to stage tracking when handling forms can be\nexploited to populate forms on other websites. \n\nThe vulnerabilities are reported in versions prior to 5.1.7. \n\nSOLUTION:\nUpdate to version 5.1.7. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) The vendor credits Tyler Goen, Andreas \\xc5kre Solberg, UNINETT AS,\nand Aaron Roots, Deakin University ITSD. \n\nORIGINAL ADVISORY:\nhttp://support.apple.com/kb/HT5282\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-05-09-2 Safari 5.1.7\n\nSafari 5.1.7 is now available and addresses the following:\n\nWebKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista,\nXP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: Multiple cross-site scripting issues existed in WebKit. \nCVE-ID\nCVE-2011-3046 : Sergey Glazunov working with Google\u0027s Pwnium contest\nCVE-2011-3056 : Sergey Glazunov\n\nWebKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista,\nXP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in WebKit. \nCVE-ID\nCVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome\nSecurity Team\n\nWebKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista,\nXP SP2 or later\nImpact: A maliciously crafted website may be able to populate form\ninputs on another website with arbitrary values\nDescription: A state tracking issue existed in WebKit\u0027s handling of\nforms. \nThis update presents the option to install an updated version of\nFlash Player from the Adobe website. \n\n\nSafari 5.1.7 is available via the Apple Software Update\napplication, or Apple\u0027s Safari download site at:\nhttp://www.apple.com/safari/download/\n\nSafari for OS X Lion v10.7.4\nThe download file is named: Safari5.1.7LionManual.dmg\nIts SHA-1 digest is: 5024eb2e358feb6b87d6eff15438bf7ae99619b4\n\nSafari for Mac OS X v10.6.8\nThe download file is named: Safari5.1.7SnowLeopardManual.dmg\nIts SHA-1 digest is: 32d1dca993b455bc5c230caef95ab70c702e6fee\n\nSafari for Windows 7, Vista or XP\nThe download file is named: SafariSetup.exe\nIts SHA-1 digest is: f601df0106987bfffc3f22b046ba835e4f8d29c6\n\nSafari for Windows 7, Vista or XP from the Microsoft Choice Screen\nThe download file is named: Safari_Setup.exe\nIts SHA-1 digest is: 193eaddae1d25dd1b0f8786a810de083fc9280b0\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJPqtgCAAoJEGnF2JsdZQeeIvQIAIIbdrlsjYRAiMAEK/o4QwkF\nM4EIDhqpDPnjDFBcT39vqapEPt4btYp0x+464bNRyU9ex4bY7NGPzaKTS/bdcnXJ\nBbpmR8rFluCRZ3AIyFSYPvKImsoyp5IZ91lTIxes1E4j+ed1diXEpLlt8Pp4K3Fc\nw2hao+KBKYCUKcjy49whKC0+6jnQWPoP7lPl9gjVyM/fky4K2J/F2c2saXHTDS9l\nL3CU4+0jA6INzY2NN2j3jdSZgglLgRcDvF3dAriNhW0Wlyd6ucuTxULbC1cS0mRs\nw4stMTnMzdgKsy13kE2tBQAf3rguM1PzlJAlOZMw9Ad/O6lU+8uaJ8AmBygVpq4=\n=x2Jz\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0676"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"db": "BID",
"id": "53446"
},
{
"db": "VULHUB",
"id": "VHN-53957"
},
{
"db": "VULMON",
"id": "CVE-2012-0676"
},
{
"db": "PACKETSTORM",
"id": "112603"
},
{
"db": "PACKETSTORM",
"id": "112596"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0676",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "47292",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1027053",
"trust": 1.2
},
{
"db": "OSVDB",
"id": "81787",
"trust": 1.2
},
{
"db": "BID",
"id": "53446",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201205-182",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2012-05-09-2",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19591",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19596",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-53957",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-0676",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112603",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112596",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53957"
},
{
"db": "VULMON",
"id": "CVE-2012-0676"
},
{
"db": "BID",
"id": "53446"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"db": "PACKETSTORM",
"id": "112603"
},
{
"db": "PACKETSTORM",
"id": "112596"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
},
{
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"id": "VAR-201205-0398",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-53957"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:01:10.938000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT5282",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5282"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53957"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://support.apple.com/kb/ht5282"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2012/may/msg00002.html"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/47292"
},
{
"trust": 1.2,
"url": "http://osvdb.org/81787"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1027053"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75474"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0676"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu692779"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu241779"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0676"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/53446"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19596"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19591"
},
{
"trust": 0.3,
"url": "http://www.webkit.org/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/apple-safari-cve-2012-0676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47292/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47292"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47292/#comments"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0676"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3046"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3056"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53957"
},
{
"db": "VULMON",
"id": "CVE-2012-0676"
},
{
"db": "BID",
"id": "53446"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"db": "PACKETSTORM",
"id": "112603"
},
{
"db": "PACKETSTORM",
"id": "112596"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
},
{
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-53957"
},
{
"db": "VULMON",
"id": "CVE-2012-0676"
},
{
"db": "BID",
"id": "53446"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"db": "PACKETSTORM",
"id": "112603"
},
{
"db": "PACKETSTORM",
"id": "112596"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
},
{
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-53957"
},
{
"date": "2012-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2012-0676"
},
{
"date": "2012-05-09T00:00:00",
"db": "BID",
"id": "53446"
},
{
"date": "2012-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"date": "2012-05-10T01:02:05",
"db": "PACKETSTORM",
"id": "112603"
},
{
"date": "2012-05-10T15:24:22",
"db": "PACKETSTORM",
"id": "112596"
},
{
"date": "2012-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-182"
},
{
"date": "2012-05-11T03:49:59.340000",
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-05T00:00:00",
"db": "VULHUB",
"id": "VHN-53957"
},
{
"date": "2017-12-05T00:00:00",
"db": "VULMON",
"id": "CVE-2012-0676"
},
{
"date": "2012-05-09T00:00:00",
"db": "BID",
"id": "53446"
},
{
"date": "2012-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002391"
},
{
"date": "2012-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-182"
},
{
"date": "2024-11-21T01:35:30.997000",
"db": "NVD",
"id": "CVE-2012-0676"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari of WebKit Vulnerabilities entered in form fields",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002391"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-182"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…