SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Web Browser)  >   Apple Safari Vendors:   Apple Computer
Safari 'feed:' URL Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1021712
SecurityTracker URL:  http://securitytracker.com/id/1021712
CVE Reference:   CVE-2009-0137   (Links to External Site)
Updated:  Feb 13 2009
Original Entry Date:  Feb 13 2009
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 3.2.2
Description:   A vulnerability was reported in Apple Safari on Windows. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted 'feed:' URL that, when loaded by the target user, will execute arbitrary JavaScript in the local security zone.

Clint Ruoho of Laconic Security, Billy Rios of Microsoft, and Brian Mastenbrook reported this vulnerability.
Impact:   A remote user can create a URL that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued a fix (3.2.2), available at:

http://www.apple.com/safari/download/

Safari for Windows XP or Vista
The download file is named: "SafariSetup.exe"
Its SHA-1 digest is: b378edc94eb7379056c7969ac918882dc703b53c

Safari+QuickTime for Windows XP or Vista
The file is named: "SafariQuickTimeSetup.exe"
Its SHA-1 digest is: 25efd930a24603f8850d374ff7bf9b76b9a79bce

For Mac OS X, Security Update 2009-001 is available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:

http://www.apple.com/support/downloads/

For Mac OS X v10.5.6
The download file is named: "SecUpd2009-001.dmg"
Its SHA-1 digest is: 08d8e962e2687f01b3cdc4cb386ef4e44992a1e0

For Mac OS X Server 10.5.6
The download file is named: "SecUpdSrvr2009-001.dmg"
Its SHA-1 digest is: b44344f918cbf15266cde2c989c443e455ccd88f

For Mac OS X v10.4.11 (Intel)
The download file is named: "SecUpd2009-001Intel.dmg"
Its SHA-1 digest is: e1e1a09d9543fe1a1acc759c5ed11dde58f84e0e

For Mac OS X v10.4.11 (PPC)
The download file is named: "SecUpd2009-001PPC.dmg"
Its SHA-1 digest is: a9158bed12fa6650634bc8f972a7990cddb765d9

For Mac OS X Server v10.4.11 (Universal)
The download file is named: "SecUpdSrvr2009-001Univ.dmg"
Its SHA-1 digest is: 6b056d47bbf2566cda7908590fc2ccd0ab4b889f

For Mac OS X Server v10.4.11 (PPC)
The download file is named: "SecUpdSrvr2009-001PPC.dmg"
Its SHA-1 digest is: a9f97ba89b8acc6927779859bbec3787d1fb3b2a

The vendor's advisories are available at:

http://support.apple.com/kb/HT3438
http://support.apple.com/kb/HT3439
Vendor URL:  support.apple.com/kb/HT3439 (Links to External Site)
Cause:   Input validation error
Underlying OS:   UNIX (OS X), Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Thu, 12 Feb 2009 13:27:08 -0800
Subject:  APPLE-SA-2009-02-12 Safari 3.2.2 for Windows

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2009-02-12 Safari 3.2.2 for Windows

Safari 3.2.2 for Windows is now available and addresses the
following:

Safari
CVE-ID:  CVE-2009-0137
Available for:  Windows XP or Vista
Impact:  Accessing a maliciously crafted feed: URL may lead to
arbitrary code execution
Description:  Multiple input validation issues exist in Safari's
handling of feed: URLs. The issues allow execution of arbitrary
JavaScript in the local security zone. This update addresses the
issues through improved handling of embedded JavaScript within feed:
URLs. These issues do not affect Mac OS X systems that have applied
Security Update 2009-001. Credit to Clint Ruoho of Laconic Security,
Billy Rios of Microsoft, and Brian Mastenbrook for reporting these
issues.


Safari 3.2.2 is available via the Apple Software Update application,
or Apple's Safari download site at:
http://www.apple.com/safari/download/

Safari for Windows XP or Vista
The download file is named: "SafariSetup.exe"
Its SHA-1 digest is: b378edc94eb7379056c7969ac918882dc703b53c

Safari+QuickTime for Windows XP or Vista
The file is named: "SafariQuickTimeSetup.exe"
Its SHA-1 digest is: 25efd930a24603f8850d374ff7bf9b76b9a79bce

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)

iQEcBAEBAgAGBQJJlHuQAAoJEHkodeiKZIkBj2oH/j4iLLVtyYZeazZ6xSNQ+U73
rmwxFQSdQ2ckHou/UId49xC7UPZ3px3+YLG2h9gYMB1WW2ADbi0uoI/EUN63tY3C
r8s76/QS7dryeETKn7AsTCgKtunqpRS7lVQRs1FtfYPPwU6kghKKrFFzNxb/BIMl
kKJck69z0/4EOtGRv7kzYPMciUgdPDF0/m7wNOTWvwUTMu0UqrtE5YgR8XbF8LRZ
UTsBTGf1B1I51TT76xyczkXyJ/4HRXa9E7mnwwcZWBtBXXLeYl+WoA5uHCUHM/Hi
XuIedDIDvs9G0RvcqB4ueU2hrgzwaeFjG1iPIi7Dd9GP2hcTOkVxrNln1PqzYq8=
=Kj4R
-----END PGP SIGNATURE-----
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (Security-announce@lists.apple.com)


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC