Download
| Alert*
oval:org.mitre.oval:def:7255
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends NTLM credentials in cleartext in unspecified circumstances, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors. oval:org.secpod.oval:def:4277 The host is missing a security update according to Apple advisory, APPLE-SA-2010-06-07-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation could allow attackers to disclose sensitive inform ... oval:org.secpod.oval:def:4272 The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which sends NTLM credentials in plain text. Successful exploitation could allow a man in the middle attacker to view the NTLM credentials. |