oval:org.mitre.oval:def:6516
Definition Id: oval:org.mitre.oval:def:6516 | |||
Oval ID: | oval:org.mitre.oval:def:6516 | ||
Title: | OPTIONS Request in WebKit in Apple Safari Cross-Site Request Forgery (CSRF) Vulnerability. | ||
Description: | The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2816 | Version: | 5 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 | Product(s): | Apple Safari |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6325 | |||
Oval ID: | oval:org.mitre.oval:def:6325 | ||
Title: | Apple Safari is installed | ||
Description: | The application Apple Safari is installed. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:apple:safari | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Apple Safari |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:6516 |