CVE-2004-0720
CVSS7.5
发布时间 :2004-07-27 00:00:00
修订时间 :2008-09-05 16:39:13
NMCOS    

[原文]Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.


[CNNVD]Apple Safari帧处理错误HTML代码执行漏洞(CNNVD-200407-048)

        
        Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。
        Apple Safari帧处理存在问题,远程攻击者可以利用这个漏洞在其他任意站的域中运行HTML代码。
        Apple报告恶意用户使用恶意WEB站点可以把HTML内容注入其他域使用的帧。结果可导致远程用户可以修改使用多帧的合法WEB站点上部分帧的内容。造成欺骗目标用户,获得其他信息。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0720
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0720
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200407-048
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/1598
(VENDOR_ADVISORY)  XF  http-frame-spoof(1598)
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
(VENDOR_ADVISORY)  MISC  http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
http://secunia.com/advisories/11978
(VENDOR_ADVISORY)  SECUNIA  11978

- 漏洞信息

Apple Safari帧处理错误HTML代码执行漏洞
高危 其他
2004-07-27 00:00:00 2005-10-20 00:00:00
远程  
        
        Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。
        Apple Safari帧处理存在问题,远程攻击者可以利用这个漏洞在其他任意站的域中运行HTML代码。
        Apple报告恶意用户使用恶意WEB站点可以把HTML内容注入其他域使用的帧。结果可导致远程用户可以修改使用多帧的合法WEB站点上部分帧的内容。造成欺骗目标用户,获得其他信息。
        

- 公告与补丁

        厂商补丁:
        Apple
        -----
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        
        http://www.apple.com/support/downloads/

        Mac OS X v10.3.5 "Panther":
        下载文件名: "SecUpd2004-09-07PanMClient.dmg"
        SHA-1数字签名: aa8bc2d78c37778cca3619f42dafdee5775bc7a6
        Mac OS X v10.3.4 "Panther":
        下载文件名: "SecUpd2004-09-07PanClient.dmg"
        SHA-1数字签名: a37cd43439f4e82d05d07924101e370d96dc41a9
        Mac OS X v10.2.8 "Jaguar":
        下载文件名: "SecUpd2004-09-07JagClient.dmg"
        SHA-1数字签名: 6f0ee457b5a729ef68fb50fc55417db400b52365
        Mac OS X Server v10.3.5 "Panther":
        下载文件名: "SecUpdSrvr2004-09-07PanM.dmg"
        SHA-1数字签名: 8766c93d5675f8d1d9ebec67e80b7a94d16a1858
        Mac OS X Server v10.3.4 "Panther":
        下载文件名: "SecUpdSrvr2004-09-07PanL.dmg"
        SHA-1数字签名: 7f4674515ff0172a2df9a451240410ac24459753
        Mac OS X Server v10.2.8 "Jaguar"
        下载文件名: "SecUpdSrvr2004-09-07Jag.dmg"
        SHA-1数字签名: 099290119b6f47d935e8d064c36a90b0ad7acaf8

- 漏洞信息

59837
Apple Safari Cross-domain Frame Injection Content Spoofing
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

- 时间线

2004-07-01 Unknow
Unknow Unknow

- 解决方案

Products

Apple Inc.

Safari

1.0
1.1
1.2
1.2.0
1.2.1
1.2.2

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Apple Safari Cross-Domain Frame Loading Vulnerability
Failure to Handle Exceptional Conditions 11140
Yes No
2004-09-07 12:00:00 2009-07-12 07:06:00
This issue was reported by Gary McKay.

- 受影响的程序版本

Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.2.8

- 漏洞讨论

Apple Safari is reported prone to a cross-domain frame loading vulnerability. It is reported that if the name of a frame rendered in a target site is known, then an attacker may potentially render arbitrary HTML in the frame of the target site.

An attacker may exploit this vulnerability to spoof an interface of a trusted web site. To exploit this vulnerability a victim will need to visit a website hosted by an attacker. The attackers site will then spawn a trusted site in a window, if exploited successfully; the attackers site will place data into the IFRAME of the trusted site. This vulnerability may aid in Phishing style attacks.

The version of Safari included in Apple Mac OS X versions 1.2.8, 10.3.4, and 10.3.5 is reported vulnerable to this issue.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Apple has released an advisory (APPLE-SA-0024-09-07) along with fixes to address this, and many other issues. Please see the referenced advisory for further information.

Apple has released advisory APPLE-SA-2004-09-13 along with Security Update 2004-09-07 v1.1 resolving non-security related issues that arose with the application of the first security update. Users are recommended to apply the latest security update. Please note that the fix links remain unchanged.


Apple Mac OS X 10.2.8

Apple Mac OS X Server 10.2.8

Apple Mac OS X 10.3.4

Apple Mac OS X Server 10.3.4

Apple Mac OS X 10.3.5

Apple Mac OS X Server 10.3.5

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站