CVE-2009-0137

Sažetak

Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows XP and Vista, allow remote attackers to execute arbitrary JavaScript in the local security zone via a crafted feed: URL, related to "input validation issues."

Reference

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2009/Feb/msg00001.html
http://support.apple.com/kb/HT3438

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

19-08-2009 - 05:25

Objavljeno

13-02-2009 - 00:30