|Check Point Reference:||CPAI-2011-588|
|Date Published:||27 Dec 2011|
|Last Updated:||14 Feb 2016|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||An arbitrary file creation vulnerability has been reported in Apple Safari. The vulnerability is due to Safari insufficiently restricting WebKit while it performs an XSL transformation. A remote attacker may exploit this vulnerability by enticing a user to open a specially crafted web page with an affected version of Safari. Successful exploitation could allow an attacker to write or overwrite arbitrary files on the target machine.|
This protection will detect and block attempts to open a malicious XSLT page.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click the Protection tab, and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Web Client Enforcement Violation.
Attack Information: Apple Safari Webkit libxslt arbitrary file creation