CVE-2009-2027 — Apple Safari vulnerability

CWE-2642 documents2 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 86.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedJun 10

Latest updateMay 2

Description

The Installer in Apple Safari before 4.0 on Windows allows local users to gain privileges by checking a box that specifies an immediate launch of the application after installation, related to an unspecified compression method.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/safari3.2.3+11

Patches

Patch: lists.apple.com ↗Patch: support.apple.com ↗Patch: lists.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-845x-65gx-fxwg: The Installer in Apple Safari before 4↗2022-05-02

▶