LAC Advisory

Site Location

Japanese Edition

SNS Advisory No.96
Apple Safari HTTPS Contents Manipulation Vulnerability
Discovered on:11 Jun 2007
Released on:19 Nov 2007

Severity:
Medium

Overview:
Apple's Web browser, Safari, has a vulnerability in controlling the security domain in JavaScript.

Description:
Safari is Apple's standard Web browser for Mac OS X, iPhone, etc., and also available for Windows.

The application has a vulnerability that allows handling both HTTP and HTTPS URLs in the same security domain within the same site.

The vulnerability can be exploited by executing JavaScript code to obtain/manipulate the contents on HTTPS Web pages or obtain Cookie with "secure" attribute that should be restricted.

The above mentioned issues could result in unsecured HTTPS (TLS/SSL) channel.

Affected Products and Versions:
Apple Safari (Mac OS X) 10.4 through 10.4.10
Apple Safari (Windows) 3.0.3 and earlier
Apple iPhone versions earlier than 1.1.1

Solution:
The vulnerability can be fixed by updating the software to Apple Safari (Mac OS X) 10.4.11 or later, Apple Safari (Windows) 3.0.4 or later, or Apple iPhone 1.1.1 (3A109a) or later, which are available at:

About the security content of Mac OS X 10.4.11 and Security Update 2007-008
http://docs.info.apple.com/article.html?artnum=307041

About the security content of Safari 3 Beta Update 3.0.4
http://docs.info.apple.com/article.html?artnum=307038

About the security content of the iPhone 1.1.1 Update
http://docs.info.apple.com/article.html?artnum=306586

Discovered by:
Keigo Yamazaki (LAC)

Thanks to:
This LAC Advisory is released in coordination with Information-technology Promotion Agency, Japan (IPA) and Japan Computer Emargency Response Team Coordination Center (JPCERT/CC.)
http://jvn.jp/jp/JVN%2379013771/index.html
http://www.ipa.go.jp/security/vuln/documents/2007/JVN_79013771.html

Disclaimer:

The information contained in this advisory may be revised without prior notice and is provided as is. Users shall take their own risk when taking any actions following reading this advisory. Little eArth Corporation Co., Ltd. shall not be held responsible  for any claims, losses or damages caused by the use of information provided here.

This advisory is available at the following URL:

http://www.lac.co.jp/english/advisory/96_e.html

Japanese Edition

Top of Page

Reference

Category Menu

Contact LAC

  • Corporate Profile
  • Corporate Data
  • LAC's Strengths
  • Services and Solutions
  • Corporate History
  • Group Companies
  • Access Map
  • Contact LAC
  • JSOC
  • LAC Advisory