Details of VAR-200505-1089

ID

VAR-200505-1089

CVE

CVE-2005-0976

TITLE

Apple WebCore Framework XMLHttpRequests Remote Code Execution Vulnerability

Trust: 0.9

sources: BID: 13202 // CNNVD: CNNVD-200505-620

DESCRIPTION

AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs. Web browsers based on AppleWebKit may allow remote web sites to reference content on the local filesystem. This may allow an attacker to execute script within the security context of the local machine. A remote code execution vulnerability affects Apple's WebCore Framework. This issue is due to a failure of the affected framework library to securely handle remote scripts. An attacker may leverage this issue to execute arbitrary code with the privileges of a user that activated the malicious remote script, facilitating unauthorized access and privilege escalation

Trust: 1.98

sources: NVD: CVE-2005-0976 // CERT/CC: VU#998369 // BID: 13202 // VULHUB: VHN-12185

AFFECTED PRODUCTS

vendor:	omnigroup	model:	omniweb	scope:	eq	version:	5.1	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	1.2	Trust: 1.3
vendor:	hmdt	model:	shiira	scope:	eq	version:	0.93	Trust: 1.0
vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	omnigroup	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	omni	model:	group omniweb	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	safari rss pre-release	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	ne	version:	1.3	Trust: 0.3

sources: CERT/CC: VU#998369 // BID: 13202 // CNNVD: CNNVD-200505-620 // NVD: CVE-2005-0976

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-0976
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#998369
value:	4.78
Trust: 0.8
CNNVD:	CNNVD-200505-620
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-12185
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-0976
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-12185
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#998369 // VULHUB: VHN-12185 // CNNVD: CNNVD-200505-620 // NVD: CVE-2005-0976

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0976

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-620

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200505-620

EXTERNAL IDS

db:	NVD	id:	CVE-2005-0976	Trust: 2.0
db:	BID	id:	13202	Trust: 1.2
db:	XF	id:	20124	Trust: 0.8
db:	OSVDB	id:	15637	Trust: 0.8
db:	SECUNIA	id:	14974	Trust: 0.8
db:	CERT/CC	id:	VU#998369	Trust: 0.8
db:	CNNVD	id:	CNNVD-200505-620	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2005-04-15	Trust: 0.6
db:	VULHUB	id:	VHN-12185	Trust: 0.1

sources: CERT/CC: VU#998369 // VULHUB: VHN-12185 // BID: 13202 // CNNVD: CNNVD-200505-620 // NVD: CVE-2005-0976

REFERENCES

url:	http://remahl.se/david/vuln/001/	Trust: 2.5
url:	http://lists.apple.com/archives/security-announce/2005/apr/msg00000.html	Trust: 1.7
url:	http://docs.info.apple.com/article.html?artnum=301327	Trust: 0.8
url:	http://www.osvdb.org/15637	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/20124	Trust: 0.8
url:	http://secunia.com/advisories/14974	Trust: 0.8
url:	http://www.securityfocus.com/bid/13202	Trust: 0.8
url:	http://packetstormsecurity.org/0504-advisories/apple_webkit_filedisclosure.txt	Trust: 0.8
url:	http://www.omnigroup.com/applications/omniweb/releasenotes/	Trust: 0.8
url:	http://developer.apple.com/darwin/projects/webcore/	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://www.omnigroup.com/applications/omniweb/	Trust: 0.3
url:	http://www.apple.com/safari/	Trust: 0.3
url:	http://hmdt-web.net/shiira/index-e.html	Trust: 0.3
url:	/archive/1/396046	Trust: 0.3
url:	-	Trust: 0.1

sources: CERT/CC: VU#998369 // VULHUB: VHN-12185 // BID: 13202 // CNNVD: CNNVD-200505-620 // NVD: CVE-2005-0976

CREDITS

David Remahl

Trust: 0.6

sources: CNNVD: CNNVD-200505-620

SOURCES

db:	CERT/CC	id:	VU#998369
db:	VULHUB	id:	VHN-12185
db:	BID	id:	13202
db:	CNNVD	id:	CNNVD-200505-620
db:	NVD	id:	CVE-2005-0976

LAST UPDATE DATE

2024-08-14T13:40:13.204000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#998369	date:	2005-07-06T00:00:00
db:	VULHUB	id:	VHN-12185	date:	2008-09-05T00:00:00
db:	BID	id:	13202	date:	2009-07-12T12:56:00
db:	CNNVD	id:	CNNVD-200505-620	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-0976	date:	2008-09-05T20:47:51.113

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#998369	date:	2005-07-06T00:00:00
db:	VULHUB	id:	VHN-12185	date:	2005-05-02T00:00:00
db:	BID	id:	13202	date:	2005-04-16T00:00:00
db:	CNNVD	id:	CNNVD-200505-620	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2005-0976	date:	2005-05-02T04:00:00