فا

‫ Apple Safari WebKit Multiple Vulnerabilities

ID: IRCAD2015033824
Release Date: 2015-03-18
Criticality level: Highly critical
Software:
Apple Safari 6.x
Apple Safari 7.x
Apple Safari 8.x
Description:
Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct spoofing attacks and compromise a user's system.
1) An unspecified error exists in WebKit, which can be exploited to cause memory corruption.
2) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
3) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
4) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
5) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
6) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
7) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
8) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
9) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
10) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
11) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
12) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
13) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
14) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
15) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
16) Another unspecified error exists in WebKit, which can be exploited to cause memory corruption.
Successful exploitation of the vulnerabilities #1 through #‫16 may allow execution of arbitrary code.
17) An unspecified error can be exploited to misrepresent the URL and subsequently e.g. conduct spoofing attacks.
The vulnerabilities are reported in versions prior to 6.2.4, prior to 7.1.4, and prior to 8.0.4.
Solution
Update to version 6.2.4, 7.1.4, or 8.0.4.
References:
APPLE-SA-2015-03-17-1:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 6 اردیبهشت 1394

امتیاز

امتیاز شما
تعداد امتیازها: 0