Intrusion PreventionApple.WebKit.Document.Function.Remote.Information.Disclosure
Description
This indicates an attack attempt against an information disclosure vulnerability in Apple Safari.
The vulnerability is caused by the improper implementation of the document() function within the XSLT functionality of the WebKit component. A remote attacker could exploit this vulnerability using unknown attack vectors to read arbitrary files from various security zones.
Affected Products
Apple Mac OS X 10.4.11
Apple Mac OS X 10.5.7
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5.7
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 2.0
Apple Safari 2.0.2
Apple Safari 3.0
Apple Safari 3.0.1
Apple Safari 3.0.2
Apple Safari 3.0.3
Apple Safari 3.0.4
Apple Safari 3.1
Apple Safari 3.1.1
Apple Safari 3.1.2
Apple Safari 3.2
Apple Safari 3.2.1
Apple Safari 3.2.2
Apple Safari 3.2.3
Apple Safari 4.0 Beta
Canonical Ubuntu 8.10
Debian Debian Linux 5.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the website.
http://support.apple.com/kb/HT3613
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-01-11 | 16.995 | |
| 2020-10-15 | 16.944 | Name:WebKit. Document. Function. Remote. Information. Disclosure:Apple. WebKit. Document. Function. Remote. Information. Disclosure |
| ID | 27214 |
| Created | Jul 06, 2011 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2009-1713 |
| Exploit Prediction Score | 0.65% |
| Default Action | drop |
| Active | |
| Affected OS | MacOS |
| Affected App | Other |