Intrusion Prevention

WebKit.JavaScript.onload.Event.Cross.Domain.Scripting

Description

This indicates an attack attempt against a Cross Domain Scripting vulnerability in Safari.
A vulnerability has been reported in Safari that may allow an attacker to bypass the same-origin policy and obtain potentially sensitive information, or to launch spoofing attacks against other sites. This is possible because the Safari WebKit engine cannot correctly handle some HTML object's events.

Affected Products

WebKit Open Source Project WebKit
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Apple Safari For Windows 3.2.1
Apple Safari 3.2.3 for Windows
Apple Safari 3.2.3
Apple Safari 3.2.2 for Windows
Apple Safari 3.1.2 for Windows
Apple Safari 3.1.2
Apple Safari 3.1.1 for Windows
Apple Safari 3.1.1
Apple Safari 3.0.4 Beta for Windows
Apple Safari 3.0.3 Beta for Windows
Apple Safari 3.0.3 Beta
Apple Safari 3.0.2 Beta for Windows
Apple Safari 3.0.2 Beta
Apple Safari 3.0.1 Beta for Windows
Apple Safari 3.0.1 Beta
Apple Safari 2.0.4
Apple Safari 2.0.3
Apple Safari 2.0.2
Apple Safari 2.0.1
+ Apple Mac OS X 10.4.2
+ Apple Mac OS X 10.4.1
+ Apple Mac OS X 10.4
+ Apple Mac OS X Server 10.4.2
+ Apple Mac OS X Server 10.4.1
+ Apple Mac OS X Server 10.4
Apple Safari 1.3.2
Apple Safari 1.3.1
+ Apple Mac OS X 10.3.9
Apple Safari 1.3
+ Apple Mac OS X 10.3.9
Apple Safari 1.2.3
Apple Safari 1.2.2
Apple Safari 1.2.1
Apple Safari 1.2
+ Apple Mac OS X 10.3.7
+ Apple Mac OS X 10.3.7
+ Apple Mac OS X 10.3.6
+ Apple Mac OS X 10.3.6
+ Apple Mac OS X 10.3.5
+ Apple Mac OS X 10.3.5
+ Apple Mac OS X 10.3.4
+ Apple Mac OS X 10.3.4
+ Apple Mac OS X 10.3.3
+ Apple Mac OS X 10.3.3
+ Apple Mac OS X 10.3.2
+ Apple Mac OS X 10.3.2
+ Apple Mac OS X 10.3.1
+ Apple Mac OS X 10.3.1
+ Apple Mac OS X 10.3
+ Apple Mac OS X 10.3
+ Apple Mac OS X 10.2.8
+ Apple Mac OS X 10.2.8
+ Apple Mac OS X 10.2.7
+ Apple Mac OS X 10.2.7
+ Apple Mac OS X 10.2.6
+ Apple Mac OS X 10.2.6
+ Apple Mac OS X 10.2.5
+ Apple Mac OS X 10.2.5
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2
+ Apple Mac OS X 10.2
+ Apple Mac OS X Server 10.3.7
+ Apple Mac OS X Server 10.3.6
+ Apple Mac OS X Server 10.3.6
+ Apple Mac OS X Server 10.3.5
+ Apple Mac OS X Server 10.3.5
+ Apple Mac OS X Server 10.3.4
+ Apple Mac OS X Server 10.3.4
+ Apple Mac OS X Server 10.3.3
+ Apple Mac OS X Server 10.3.3
+ Apple Mac OS X Server 10.3.2
+ Apple Mac OS X Server 10.3.2
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3
+ Apple Mac OS X Server 10.3
+ Apple Mac OS X Server 10.2.8
+ Apple Mac OS X Server 10.2.8
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ Apple Mac OS X Server 10.2
Apple Safari 1.1
Apple Safari 1.0
+ Apple Mac OS X 10.2.8
+ Apple Mac OS X 10.2.8
+ Apple Mac OS X 10.2.7
+ Apple Mac OS X 10.2.7
+ Apple Mac OS X 10.2.6
+ Apple Mac OS X 10.2.6
+ Apple Mac OS X 10.2.5
+ Apple Mac OS X 10.2.5
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2
+ Apple Mac OS X 10.2
+ Apple Mac OS X Server 10.2.8
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ Apple Mac OS X Server 10.2
Apple Safari Beta 2
Apple Safari 4 Beta
Apple Safari 4 Beta
Apple Safari 3.2
Apple Safari 3.1 for Windows
Apple Safari 3.1
Apple Safari 3 Beta for Windows
Apple Safari 3 Beta
Apple Safari 3

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Information Spoofing: Remote attackers can spoof the data of vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the web site.
http://www.apple.com/safari/download/

CVE References

CVE-2009-1684