‫ Apple Safari Multiple Vulnerabilities

IRCAD2013062721
ID: IRCAD2013062721
Release Date: 2013-06-05
Criticality level: Highly critical
Software:
Apple Safari 6.x
Description:                                                         
Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
1) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit.
2) An unspecified error in WebKit can be exploited to execute arbitrary code. No further information is currently available.
3) An unspecified error in WebKit can be exploited to execute arbitrary code. No further information is currently available.
4) An error related to iframe handling can be exploited to conduct cross-site scripting attacks.
5) An unspecified error related to the XSS Auditor can be exploited to bypass certain security restrictions and e.g. alter the behavior of forms.
The vulnerabilities are reported in versions prior to 6.0.5.
Solution
Update to version 6.0.5.
References:
Apple (APPLE-SA-2013-06-04-2):
Secunia
http://secunia.com/advisories/53711/

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 15 خرداد 1392

امتیاز

امتیاز شما
تعداد امتیازها:0