 |
Name:
Apple.Safari.Windows.Platform.Arbitrary.File.Downl
|
Released Date:
Jun 2 2008
|
Severity:
high
|
|
|
|
|
Bugtraq:
29445
|
|
|
|
|
FortiGuard Center
> Vulnerability Encyclopedia
In-Depth Analysis
|
Description
|
This indicates an attempt to exploit a combination of vulnerabilities in Apple Safari and all versions of Microsoft Windows XP and Windows Vista.
A successful exploit allows remote attackers to download files to a user's machine and then execute them without prompting.
|
|
|
|
Impact
|
|
System Compromise
|
|
|
|
Affected Products
|
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64 Edition
Microsoft Windows Vista x64 Edition SP1
Internet Explorer 6 for Microsoft Windows XP SP2, Microsoft Windows XP SP3, Microsoft Windows XP Professional x64 Edition, and Microsoft Windows XP Professional x64 Edition SP2
Internet Explorer 7 for Microsoft Windows XP SP2, Microsoft Windows XP SP3, Microsoft Windows XP Professional x64 Edition, and Microsoft Windows XP Professional x64 Edition SP2
Internet Explorer 7 for Microsoft Windows Vista, Microsoft Windows Vista SP1, Microsoft Windows Vista x64 Edition, and Microsoft Windows Vista x64 Edition SP1
|
|
Aliases
|
|
References
|
http://www.securityfocus.com/bid/29445
http://www.milw0rm.com/exploits/2929
http://www.microsoft.com/technet/security/advisory/953818.mspx
|
|
Recommended Actions
|
|
There are currently no known vendor-supplied patches. Please check the following URL for the workaround: http://www.microsoft.com/technet/security/advisory/953818.mspx
|
|
