CVE-2008-2540
Description
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows remote attackers to execute arbitrary code on Windows by leveraging an untrusted search path vulnerability in (a) Internet Explorer 7 on Windows XP or (b) the SearchPath function in Windows XP, Vista, and Server 2003 and 2008, aka a "Carpet Bomb" and a "Blended Threat Elevation of Privilege Vulnerability," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because the Microsoft products can load application libraries from the desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.
Affected products
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* (range: <3.1.2)
- (no CPE) (range: <3.1.2)
- Range: 7 on Windows XP
References
- www.microsoft.com/technet/security/advisory/953818.mspx (nvd: Mitigation, Patch, Vendor Advisory)
- aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx (nvd: Third Party Advisory)
- blogs.zdnet.com/security/ (nvd: Third Party Advisory)
- lists.apple.com/archives/security-announce/2008//Jun/msg00001.html (nvd: Mailing List, Vendor Advisory)
- secunia.com/advisories/30467 (nvd: Third Party Advisory)
- securitytracker.com/id (nvd: Third Party Advisory, VDB Entry)
- support.avaya.com/elmodocs2/security/ASA-2009-133.htm (nvd: Third Party Advisory)
- support.nortel.com/go/main.jsp (nvd: Third Party Advisory)
- www.securityfocus.com/bid/29445 (nvd: Third Party Advisory, VDB Entry)
- www.securitytracker.com/id (nvd: Third Party Advisory, VDB Entry)
- www.us-cert.gov/cas/techalerts/TA09-104A.html (nvd: Third Party Advisory, US Government Resource)
- exchange.xforce.ibmcloud.com/vulnerabilities/42765 (nvd: Third Party Advisory, VDB Entry)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5782 (nvd: Third Party Advisory)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6108 (nvd: Third Party Advisory)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8509 (nvd: Third Party Advisory)
- www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html (nvd: Broken Link)
- www.vupen.com/english/advisories/2008/1706 (nvd: Broken Link)
- www.vupen.com/english/advisories/2009/1028 (nvd: Broken Link)
- www.vupen.com/english/advisories/2009/1029 (nvd: Broken Link)
- docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014 (nvd)
- docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-015 (nvd)