

   VULNERABILITY NOTE

CERT-In Vulnerability Note CIVN-2008-70
Apple Safari Client-side Code Execution Vulnerability on Microsoft Windows Systems

Original Issue Date: June 04, 2008
Updated: June 24, 2008

Severity Rating: High


System Affected

  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Basic 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Business 64-bit Edition
  • Windows Vista Business
  • Windows Vista Enterprise
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Starter
  • Windows Vista Ultimate
  • Windows Vista Service Pack 1
  • Microsoft Windows XP Service Pack 2, when used with:
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Internet Explorer 6.0 Service Pack 2
  • Windows Internet Explorer 7 for Windows XP
  • Windows Internet Explorer 7 in Windows Vista
  • Apple Safari 3.1.1, 3.0.3, 3.1
  • Apple Safari 3.0.4 Beta, 3.0.2 Beta, 3.0.1 Beta, 3 Beta for Windows

Overview

A client-side code execution vulnerability has been reported in Apple Safari Browser that allows remote code execution on systems running Windows XP and Windows Vista.

Description

A client-side code execution vulnerability has been reported in the Apple Safari browser. It results from a combination of errors relating to the "default download location" in Safari and the way the Windows desktop handles executables.

The flaw arises because the Safari browser cannot be configured to obtain the user's permission before it downloads a resource. Safari downloads the resource without the user's consent and places it in a default location (the user's Desktop unless changed).

An attacker could trick a user into visiting a specially crafted website that downloads malicious content to the user's machine. When combined with other flaws in Windows, that content could be executed without any prompt or user permission on all XP and Vista machines with Safari installed.
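The two conditions the advisory describes, an unpatched Safari version and executable content landing unattended in the default download folder, can both be checked from an administrator's side. The following is an added example, not CERT-In's or Apple's tooling: it assumes the fixed version is 3.1.2 as stated in this note, that the caller passes in the folder to inspect (typically the user's Desktop on the affected systems), and it uses a constructed list of executable suffixes plus the "MZ" PE header check so that renamed files are not missed. The sample folder it builds is constructed for the demonstration.

```python
"""Triage helpers for the Safari default-download-location issue.

Added example (not from the advisory). Assumptions:
  - fixed Safari version is 3.1.2 (from the advisory text);
  - the folder to inspect is supplied by the caller;
  - EXECUTABLE_SUFFIXES is a constructed, non-exhaustive list.
"""
from __future__ import annotations

import os
import tempfile
import time
from pathlib import Path

FIXED_VERSION = (3, 1, 2)
EXECUTABLE_SUFFIXES = {".exe", ".dll", ".scr", ".com", ".cpl"}  # constructed list


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '3.0.4 Beta' into (3, 0, 4); stop at the first non-numeric token."""
    parts: list[int] = []
    for token in text.replace(" ", ".").split("."):
        if token.isdigit():
            parts.append(int(token))
        else:
            break
    return tuple(parts)


def is_vulnerable(version: str) -> bool:
    """True when the installed Safari is older than the fixed 3.1.2 release."""
    parsed = parse_version(version)
    if not parsed:
        raise ValueError(f"unrecognised version string: {version!r}")
    return parsed < FIXED_VERSION


def is_pe_file(path: Path) -> bool:
    """Cheap header check: Windows executables start with the bytes 'MZ'."""
    try:
        with path.open("rb") as fh:
            return fh.read(2) == b"MZ"
    except OSError:
        return False


def suspicious_downloads(folder, max_age_seconds: float = 86400, now: float | None = None) -> list[str]:
    """List files in `folder` that look like Windows executables (by suffix or
    PE header) and were modified within `max_age_seconds`.  Recent executables
    appearing in an unattended download folder are the artefact to review."""
    now = time.time() if now is None else now
    hits: list[str] = []
    for entry in Path(folder).iterdir():
        if not entry.is_file():
            continue
        if now - entry.stat().st_mtime > max_age_seconds:
            continue
        if entry.suffix.lower() in EXECUTABLE_SUFFIXES or is_pe_file(entry):
            hits.append(entry.name)
    return sorted(hits)


def build_sample_folder() -> Path:
    """Constructed sample standing in for a Desktop folder (not real data)."""
    folder = Path(tempfile.mkdtemp(prefix="safari-triage-"))
    (folder / "notes.txt").write_bytes(b"harmless text")
    (folder / "helper.dll").write_bytes(b"MZ" + b"\0" * 62)   # stub header, not a real PE
    (folder / "renamed.dat").write_bytes(b"MZ" + b"\0" * 62)  # PE header behind a data suffix
    (folder / "old.exe").write_bytes(b"MZ")
    old = time.time() - 10 * 86400                           # outside the default window
    os.utime(folder / "old.exe", (old, old))
    return folder


if __name__ == "__main__":
    for v in ("3.1.1", "3.0.4 Beta", "3.1.2"):
        print(f"Safari {v}: {'vulnerable' if is_vulnerable(v) else 'fixed'}")
    print("recent executables:", suspicious_downloads(build_sample_folder()))
```

The version check is only a first pass; it does not replace applying the update in the Solution section. The folder scan deliberately looks at the PE header as well as the suffix, because a download that keeps its "MZ" header under a harmless-looking name is still a loadable executable for the Windows component that later picks it up.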


Solution

Update to the fixed version, Safari 3.1.2, available at http://www.apple.com/safari/download/

References

Microsoft
http://www.microsoft.com/technet/security/advisory/953818.mspx

SecurityFocus
http://www.securityfocus.com/bid/29445

Juniper Networks
http://www.juniper.net/security/auto/vulnerabilities/vuln29445.html

Dhanjani.com
http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html

FrSIRT
http://www.frsirt.com/english/advisories/2008/1706

Internet Storm Center
http://isc.sans.org/diary.html?date=2008-05-31

Secunia
http://secunia.com/advisories/30467/

CVE-Name
CVE-2008-2540

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003