PT-2009-4188 · Apple · Safari

Billy Rios

Published

2009-06-10

Updated

2009-06-19

CVE-2009-1708

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Apple Safari versions prior to 4.0

Description: The issue allows remote attackers to open arbitrary local help files and execute arbitrary code or obtain sensitive information via a crafted call to the open-help-anchor URL handler, which is not prevented by the software.

Recommendations: For versions prior to 4.0, update to version 4.0 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-1708

Affected Products

Safari

PT-2009-4188 · Apple · Safari

CVE-2009-1708

Related Identifiers

Affected Products

References · 9