Details of VAR-200506-0135

ID

VAR-200506-0135

CVE

CVE-2005-1474

TITLE

Apple Safari automatically installs Dashboard widgets

Trust: 0.8

sources: CERT/CC: VU#775661

DESCRIPTION

Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. This issue is due to Safari improperly considering Dashboard widgets to be "safe" content. It is demonstrated that an attacker can cause Safari to automatically download, and then install widgets into the users '~/Library/Widgets' directory. This happens without user intervention or notification. Reportedly, once widgets have been automatically installed via Safari, the normal validation required for widgets to gain access to system resources is skipped, allowing complete system access to the malicious widgets, however, this has not been confirmed by Symantec. This will likely result in malicious script, or machine code being executed in the context of the targeted user. Mac OS X version 10.4 is vulnerable to this issue

Trust: 1.98

sources: NVD: CVE-2005-1474 // CERT/CC: VU#775661 // BID: 13694 // VULHUB: VHN-12683

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x server	scope:	eq	version:	10.4	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.4.1	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.4	Trust: 1.6
vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	ne	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.4.1	Trust: 0.3

sources: CERT/CC: VU#775661 // BID: 13694 // CNNVD: CNNVD-200506-115 // NVD: CVE-2005-1474

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-1474
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#775661
value:	17.06
Trust: 0.8
CNNVD:	CNNVD-200506-115
value:	HIGH
Trust: 0.6
VULHUB:	VHN-12683
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-1474
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-12683
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#775661 // VULHUB: VHN-12683 // CNNVD: CNNVD-200506-115 // NVD: CVE-2005-1474

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1474

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200506-115

TYPE

Design Error

Trust: 0.9

sources: BID: 13694 // CNNVD: CNNVD-200506-115

EXTERNAL IDS

db:	BID	id:	13694	Trust: 2.8
db:	NVD	id:	CVE-2005-1474	Trust: 2.0
db:	SECTRACK	id:	1014012	Trust: 0.8
db:	CERT/CC	id:	VU#775661	Trust: 0.8
db:	CNNVD	id:	CNNVD-200506-115	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2005-05-19	Trust: 0.6
db:	VULHUB	id:	VHN-12683	Trust: 0.1

sources: CERT/CC: VU#775661 // VULHUB: VHN-12683 // BID: 13694 // CNNVD: CNNVD-200506-115 // NVD: CVE-2005-1474

REFERENCES

url:	http://www.securityfocus.com/bid/13694	Trust: 2.5
url:	http://lists.apple.com/archives/security-announce/2005/may/msg00004.html	Trust: 1.7
url:	http://www.macworld.com/news/2005/05/09/dashboard/	Trust: 0.8
url:	http://www.macworld.co.uk/news/index.cfm?home&newsid=11531	Trust: 0.8
url:	http://www1.cs.columbia.edu/~aaron/files/widgets/	Trust: 0.8
url:	http://developer.apple.com/documentation/appleapplications/conceptual/dashboard_tutorial/index.html	Trust: 0.8
url:	[<a href="http://developer.apple.com/documentation/appleapplications/conceptual/dashboard_tutorial/security/chapter_10_section_1.html#//apple_ref/doc/uid/tp40001340-ch210-tpxref101">http://developer.apple.com/documentation/appleapplications/conceptual/dashboard_tutorial/ security/chapter_10_section_1.html#//apple_ref/doc/uid/tp40001340-ch210-tpxref101</a>]	Trust: 0.8
url:	http://www.apple.com/macosx/features/dashboard/	Trust: 0.8
url:	http://www.appleinsider.com/article.php?id=1073	Trust: 0.8
url:	http://securitytracker.com/alerts/2005/may/1014012.html	Trust: 0.8
url:	http://docs.info.apple.com/article.html?artnum=301630	Trust: 0.8
url:	http://www.info.apple.com/usen/security/security_updates.html	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://docs.info.apple.com/article.html?artnum=301629	Trust: 0.3

sources: CERT/CC: VU#775661 // VULHUB: VHN-12683 // BID: 13694 // CNNVD: CNNVD-200506-115 // NVD: CVE-2005-1474

CREDITS

Stephan Meyers is credited with the discovery of this issue.

Trust: 0.9

sources: BID: 13694 // CNNVD: CNNVD-200506-115

SOURCES

db:	CERT/CC	id:	VU#775661
db:	VULHUB	id:	VHN-12683
db:	BID	id:	13694
db:	CNNVD	id:	CNNVD-200506-115
db:	NVD	id:	CVE-2005-1474

LAST UPDATE DATE

2024-08-14T13:40:13.143000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#775661	date:	2006-02-22T00:00:00
db:	VULHUB	id:	VHN-12683	date:	2008-09-05T00:00:00
db:	BID	id:	13694	date:	2009-07-12T14:56:00
db:	CNNVD	id:	CNNVD-200506-115	date:	2005-10-25T00:00:00
db:	NVD	id:	CVE-2005-1474	date:	2008-09-05T20:49:16.123

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#775661	date:	2005-06-08T00:00:00
db:	VULHUB	id:	VHN-12683	date:	2005-06-13T00:00:00
db:	BID	id:	13694	date:	2005-05-20T00:00:00
db:	CNNVD	id:	CNNVD-200506-115	date:	2005-06-13T00:00:00
db:	NVD	id:	CVE-2005-1474	date:	2005-06-13T04:00:00