Update Protection against Apple Safari Webkit Floating Point Remote Code Execution Vulnerability
| Check Point Reference: | CPAI-2009-197 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA36269 | |
| Industry Reference(s): | CVE-2009-2195 |
|
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Apple Safari Prior to 4.0.3 | ||
| Vulnerability Description A vulnerability has been reported in Apple Safari's Webkit, a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. The vulnerability is due to an error in parsing of floating point numbers. Remote attackers could exploit this vulnerability by convincing the target user to open a maliciously crafted web page using a vulnerable version of Apple Safari. Successful exploitation would result in code execution with the privileges of the target user. |
||
|
Vulnerability Status The vendor, Apple, has released an advisory addressing this vulnerability: Apple |
|
|
Vulnerability Details The vulnerability is due to a boundary error when processing very long floating point numbers. A remote attacker can leverage this vulnerability by persuading a target user to open a crafted web page using a vulnerable version of Apple Safari. |
Protection Overview
This protection will detect and block web pages containing potentially malicious floating point numbers.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.