CVE Vulnerabilities

CVE-2009-1708

Published: Jun 10, 2009 | Modified: Jun 19, 2009
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Apple Safari before 4.0 does not prevent calls to the open-help-anchor URL handler by web sites, which allows remote attackers to open arbitrary local help files, and execute arbitrary code or obtain sensitive information, via a crafted call.

Affected Software

Name Vendor Start Version End Version
Safari Apple 0.8 0.8
Safari Apple 0.9 0.9
Safari Apple 1.0 1.0
Safari Apple 1.0.3 1.0.3
Safari Apple 1.1 1.1
Safari Apple 1.2 1.2
Safari Apple 1.3 1.3
Safari Apple 1.3.1 1.3.1
Safari Apple 1.3.2 1.3.2
Safari Apple 2.0 2.0
Safari Apple 2.0.2 2.0.2
Safari Apple 2.0.4 2.0.4
Safari Apple 3.0 3.0
Safari Apple 3.0.2 3.0.2
Safari Apple 3.0.3 3.0.3
Safari Apple 3.0.4 3.0.4
Safari Apple 3.1 3.1
Safari Apple 3.1.1 3.1.1
Safari Apple 3.1.2 3.1.2
Safari Apple 3.2.1 3.2.1
Safari Apple 3.2.3 3.2.3
Safari Apple * 4.0_beta

References