发布时间 :2004-07-27 00:00:00
修订时间 :2017-07-10 21:30:24

[原文]Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

[CNNVD]Apple Safari帧处理错误HTML代码执行漏洞(CNNVD-200407-048)

        Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。
        Apple Safari帧处理存在问题,远程攻击者可以利用这个漏洞在其他任意站的域中运行HTML代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  XF  http-frame-spoof(1598)

- 漏洞信息

Apple Safari帧处理错误HTML代码执行漏洞
高危 其他
2004-07-27 00:00:00 2005-10-20 00:00:00
        Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。
        Apple Safari帧处理存在问题,远程攻击者可以利用这个漏洞在其他任意站的域中运行HTML代码。

- 公告与补丁


        Mac OS X v10.3.5 "Panther":
        下载文件名: "SecUpd2004-09-07PanMClient.dmg"
        SHA-1数字签名: aa8bc2d78c37778cca3619f42dafdee5775bc7a6
        Mac OS X v10.3.4 "Panther":
        下载文件名: "SecUpd2004-09-07PanClient.dmg"
        SHA-1数字签名: a37cd43439f4e82d05d07924101e370d96dc41a9
        Mac OS X v10.2.8 "Jaguar":
        下载文件名: "SecUpd2004-09-07JagClient.dmg"
        SHA-1数字签名: 6f0ee457b5a729ef68fb50fc55417db400b52365
        Mac OS X Server v10.3.5 "Panther":
        下载文件名: "SecUpdSrvr2004-09-07PanM.dmg"
        SHA-1数字签名: 8766c93d5675f8d1d9ebec67e80b7a94d16a1858
        Mac OS X Server v10.3.4 "Panther":
        下载文件名: "SecUpdSrvr2004-09-07PanL.dmg"
        SHA-1数字签名: 7f4674515ff0172a2df9a451240410ac24459753
        Mac OS X Server v10.2.8 "Jaguar"
        下载文件名: "SecUpdSrvr2004-09-07Jag.dmg"
        SHA-1数字签名: 099290119b6f47d935e8d064c36a90b0ad7acaf8

- 漏洞信息

Apple Safari Cross-domain Frame Injection Content Spoofing
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

- 时间线

2004-07-01 Unknow
Unknow Unknow

- 解决方案


Apple Inc.



- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Apple Safari Cross-Domain Frame Loading Vulnerability
Failure to Handle Exceptional Conditions 11140
Yes No
2004-09-07 12:00:00 2009-07-12 07:06:00
This issue was reported by Gary McKay.

- 受影响的程序版本

Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.2.8

- 漏洞讨论

Apple Safari is reported prone to a cross-domain frame loading vulnerability. It is reported that if the name of a frame rendered in a target site is known, then an attacker may potentially render arbitrary HTML in the frame of the target site.

An attacker may exploit this vulnerability to spoof an interface of a trusted web site. To exploit this vulnerability a victim will need to visit a website hosted by an attacker. The attackers site will then spawn a trusted site in a window, if exploited successfully; the attackers site will place data into the IFRAME of the trusted site. This vulnerability may aid in Phishing style attacks.

The version of Safari included in Apple Mac OS X versions 1.2.8, 10.3.4, and 10.3.5 is reported vulnerable to this issue.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <>.

- 解决方案

Apple has released an advisory (APPLE-SA-0024-09-07) along with fixes to address this, and many other issues. Please see the referenced advisory for further information.

Apple has released advisory APPLE-SA-2004-09-13 along with Security Update 2004-09-07 v1.1 resolving non-security related issues that arose with the application of the first security update. Users are recommended to apply the latest security update. Please note that the fix links remain unchanged.

Apple Mac OS X 10.2.8

Apple Mac OS X Server 10.2.8

Apple Mac OS X 10.3.4

Apple Mac OS X Server 10.3.4

Apple Mac OS X 10.3.5

Apple Mac OS X Server 10.3.5

- 相关参考