en

‫ Apple Safari Multiple Vulnerabilities

ID: IRCAD2015043868
Release Date: 2015-04-09
Criticality level: Highly critical
Software:
Apple Safari 6.x
Apple Safari 7.x
Apple Safari 8.x
Description:
Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
1) An error when handling push notifications can be exploited to disclose browsing history in private mode.
2) An unspecified error in WebKit can be exploited to cause memory corruption.
3) Another unspecified error in WebKit can be exploited to cause memory corruption.
4) Another unspecified error in WebKit can be exploited to cause memory corruption.
5) Another unspecified error in WebKit can be exploited to cause memory corruption.
6) Another unspecified error in WebKit can be exploited to cause memory corruption.
7) An error in WebKit when handling credentials for FTP URLs can be exploited to bypass the Same Origin Policy.
The vulnerabilities are reported in versions prior to 8.0.5, prior to 7.1.5, and prior to 6.2.5.
Solution
Update to version 8.0.5, 7.1.5, or 6.2.5.
References:
Secunia:

The Wall

No comments
You need to sign in to comment