‫ Apple Safari Multiple Vulnerabilities

ID: IRCAD2015053915
Release Date: 2015-05-06
Criticality level: Highly critical
Software:
Apple Safari 6.x
Apple Safari 7.x
Apple Safari 8.x
Description:
Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.
1) An unspecified error in WebKit can be exploited to cause memory corruption.
2) Another unspecified error in WebKit can be exploited to cause memory corruption.
3) Another unspecified error in WebKit can be exploited to cause memory corruption.
Successful exploitation of the vulnerabilities #1 through #3 may allow execution of arbitrary code.
4) An error related to WebKit History can be exploited to disclose contents of arbitrary files on a user's system.
5) An error when handling the rel attribute in anchor elements can be exploited to gain otherwise restricted access to link objects.
The vulnerabilities are reported in versions prior to 8.0.6, prior to 7.1.6, and prior to 6.2.6 running on OS X versions 10.8.5 (Mountain Lion), 10.9.5 (Mavericks), and 10.10.3 (Yosemite).
Solution
Update to version 8.0.6, 7.1.6, or 6.2.6.
References:
IBM (IV72335, IV72338, IV72342, IV72345, IV72346, IV72348, IV72351, IV72352, IV72355, IV70681, APPLE-SA-2015-05-06-1:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 9 خرداد 1394

امتیاز

امتیاز شما
تعداد امتیازها:0