Vulnerability Name:

CVE-2010-0045 (CCN-56831)

Assigned:2009-12-15
Published:2010-03-11
Updated:2017-09-19
Summary:Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document.
Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html

CVE-ID: CVE-2010-0045
Available for: Windows 7, Vista, XP
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: An issue in Safari's handling of external URL schemes
may cause a local file to be opened in response to a URL encountered
on a web page. Visiting a maliciously crafted website may lead to
arbitrary code execution. This update addresses the issue through
improved validation of external URLs. This issue does not affect Mac
OS X systems. Credit to Billy Rios and Microsoft Vulnerability
Research (MSVR) for reporting this issue.

CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2010-0045

Source: APPLE
Type: Vendor Advisory
APPLE-SA-2010-03-11-1

Source: CCN
Type: SA38932
Apple Safari Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1023706
Apple Safari Bugs Let Remote Users Cause Arbitrary Code to Be Executed

Source: CCN
Type: Apple Web site
About the security content of Safari 4.0.5

Source: CONFIRM
Type: Vendor Advisory
http://support.apple.com/kb/HT4070

Source: CCN
Type: OSVDB ID: 62938
Apple Safari on Windows URL Scheme Validation Crafted HTML File Handling Arbitrary Code Execution

Source: BID
Type: Patch
38671

Source: CCN
Type: BID-38671
RETIRED: Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities

Source: CCN
Type: BID-38683
Apple Safari URL Schemes Handling Remote Code Execution Vulnerability

Source: SECTRACK
Type: UNKNOWN
1023706

Source: XF
Type: UNKNOWN
safari-url-schemes-code-execution(56831)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6817

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apple:safari:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0:beta:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version <= 4.0.4)
  • AND
  • cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows_7:*:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:6817
    V
    		Apple Safari URL Schemes Handling Remote Code Execution Vulnerability
    2013-11-11
    BACK
    apple safari 4.0
    apple safari 4.0 beta
    apple safari 4.0.1
    apple safari 4.0.2
    apple safari 4.0.3
    apple safari *
    microsoft windows *
    microsoft windows 7 *
    apple safari 4.0.2
    apple safari 4.0.3
    apple safari 4.0.4