CVE-2009-2842 — Apple Safari vulnerability

2 documents2 sources

Severity

4.3MEDIUMNVD

EPSS

0.8%

top 25.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedNov 13

Latest updateMay 2

Description

Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/safari4.0.3+49

Patches

Patch: lists.apple.com ↗Patch: support.apple.com ↗Patch: lists.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-87wh-4mv4-q723: Apple Safari before 4↗2022-05-02

▶