ID de Prueba:	1.3.6.1.4.1.25623.1.0.900075
Categoría:	Web application abuses
Título:	Apple Safari JavaScript Engine Cross Domain Information Disclosure Vulnerability
Resumen:	Apple Safari web browser is prone to an information disclosure vulnerability.
Descripción:	Summary: Apple Safari web browser is prone to an information disclosure vulnerability. Vulnerability Insight: Undefined function in the JavaScript implementation of the browser fails to properly enforce the origin policy and leaves temporary footprints. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes in the context of the web browser and can spoof sensitive information of the remote user through the web browser. Affected Software/OS: Apple Safari 3.1.2 and prior on Windows. Solution: Upgrade to Apple Safari version 5.0 or later. CVSS Score: 2.1 CVSS Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5914 BugTraq ID: 33276 http://www.securityfocus.com/bid/33276 http://arstechnica.com/news.ars/post/20090113-new-method-of-phishmongering-could-fool-experienced-users.html http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212900161 http://www.infoworld.com/article/09/01/13/Browser_bug_could_allow_phishing_without_email_1.html http://www.trusteer.com/files/In-session-phishing-advisory-2.pdf
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.