PT-2008-3797 · Microsoft+1 · Internet Explorer+1
Will Dormann
·
Published
2008-06-23
·
Updated
2011-03-08
·
CVE-2008-2306
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Apple Safari versions prior to 3.1.2 on Windows
Description:
The issue allows remote attackers to bypass intended access restrictions and force a client system to download and execute arbitrary files due to improper interpretation of the URLACTION SHELL EXECUTE HIGHRISK Internet Explorer zone setting.
Recommendations:
For Apple Safari versions prior to 3.1.2 on Windows, update to version 3.1.2 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Safari
Internet Explorer